Be aware of a highly effective Gmail phishing attack
Posted by Matt Kinne on 12 January 2017 11:34 AM
Gmail, one of the world's most popular email providers, has been the target of a highly effective phishing scam to get password information from Google accounts. Let us explain how it works and what you can do to prevent it from happening to you, friends, and co-workers.
The attack starts with an email from a compromised account, which could belong to one of your known contacts if their account was already hacked. The email includes an image that looks like an attachment. Clicking a real attachment in Gmail normally expands it and shows a preview, but this fake attachment instead opens a new tab that prompts you to sign in to Gmail again.
This is where it gets tricky. The page looks like a standard Google login page, which is why even highly technical people are being fooled. Once you sign in on the look-alike Google login page, your account credentials have been compromised.
How to keep this from happening to you
The easiest way to tell is that all of Google's websites are secured with an SSL certificate, so all data transferred between your device and Google is encrypted. The dead giveaway on this phishing scam is the URL in your browser's address bar. We have a screenshot of what the actual phishing URL looks like, courtesy of Wordfence, compared side by side with the official Google URL for reference.
When you compare it to Google's real account login page, you will notice the green padlock and the "https" text; that is how you know you are on a secure connection. Also check that the sign-in page URL begins with https://accounts.google.com/. The phishing URL above contains https://accounts.google.com/, but it actually starts with "data:text/html,", which means the login page is being rendered from the address bar itself rather than loaded from Google. If you are unsure whether the page you are on is legitimate, close the tab and return to Gmail or your Google account page.
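As an added example that is not part of the original post, the small JavaScript function below applies the address-bar check described above: it accepts only the exact https://accounts.google.com origin and flags data: URIs (even ones that embed Google's login URL as text), plain-http pages and look-alike hosts. The sample addresses in the test are constructed for illustration.

```javascript
// Added example, not from the original post. Classifies what the browser's
// address bar shows before you type a Google password into a sign-in page.
const GOOGLE_LOGIN_ORIGIN = "https://accounts.google.com";

function classifyAddressBar(text) {
  // Phishing data: URIs are often padded with whitespace to hide their start.
  const raw = text.trim();
  let url;
  try {
    url = new URL(raw);
  } catch (e) {
    return { verdict: "suspicious", reason: "not a parseable URL" };
  }

  if (url.protocol === "data:") {
    // The trick in this scam: the whole fake login page is inline in the
    // address itself, so the familiar Google URL appears only as text.
    const reason = raw.includes(GOOGLE_LOGIN_ORIGIN)
      ? "data: URI that embeds the text of Google's login URL"
      : "data: URI in the address bar";
    return { verdict: "phishing", reason };
  }

  if (url.protocol !== "https:") {
    // No padlock: the connection is not encrypted.
    return { verdict: "suspicious", reason: "no HTTPS (" + url.protocol + ")" };
  }

  // Compare the full origin, not a substring, so look-alike hosts such as
  // accounts.google.com.example.net do not pass.
  if (url.origin !== GOOGLE_LOGIN_ORIGIN) {
    return {
      verdict: "suspicious",
      reason: "host " + url.hostname + " is not accounts.google.com",
    };
  }
  return { verdict: "ok", reason: "Google sign-in origin over HTTPS" };
}
```

Browser URL parsing lowercases the host, so the origin comparison is case-insensitive for the hostname while still rejecting any other domain.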
Lastly, if you believe your account has been compromised, change your password immediately. Use a strong password with numbers and special characters and a length of more than 8 characters! Please spread the word to friends, family, and co-workers so we can minimize the impact of this phishing scheme. It is unknown at this moment whether Google will take any precautions to stop this from happening.