Internet fraud, such as phishing, has been on the rise as cybercriminals discover new ways to deceive users. Phishing is an attempt to obtain sensitive information such as passwords, credit card details or username for mischievous reasons by disguising as a trustworthy entity in electronic communication.
Security experts have revealed that Gmail users are a target of a new phishing campaign that can outsmart even experienced tech users. Cybercriminals use specially created URLs to trick people into entering their Gmail credentials on a phishing website. Once a victim submits a password, the attacker logs into the victim's Gmail account and starts gathering information in preparation for a secondary attack targeted at contacts of the victim..
Asides gathering contact email addresses of the victims, the attackers also scan for attachments and appropriate subject lines from previously sent emails. So the phishing email, which contains a message and a thumb-nailed version of an attachment, appears to be sent from someone the victims actually know.
When this attachment is clicked a convincing Gmail login box is opened, however this is a trap. A full web page worth of code is entered into the browser’s address bar when the attachment is clicked. With the rest of this code carefully hidden by whitespaces, all the victim sees is the very beginning and the "https://accounts.google.com" may cause many to let their guard down.
Experts are unsure of the exact mechanism of the attack, but it is suspected that these criminals either have an active team ready to act on compromised accounts or they employ some advanced automation feature in their code.
How to protect yourself from these attacks
These carefully planned attacks can be easily overcome if you enable two-factor authentication in Gmail. Attackers cannot gain access to your account without access to this second factor which may be your phone or a USB cryptographic key.
If you fear that you may already be a victim of the scam, you should first change the password of your Gmail account then get rid of any current sessions on your Gmail account activity page that you consider suspicious.
