A new Gmail phishing scam now seems to be spreading widely across Google’s Gmail user base. The frightening part is that most of the phishing process looks authentic because it uses Google’s logo, page layout and other elements. Here’s how the phishing scam works, and how to protect yourself from it.
The Gmail phishing scam originates with an email received from a trusted contact on your contacts list within Gmail. When you open the email, you’ll see something like what Twitter user Tom Scott has shared:
This is the closest I’ve ever come to falling for a Gmail phishing attack. If it hadn’t been for my high-DPI screen making the image fuzzy… pic.twitter.com/MizEWYksBh
— Tom Scott (@tomscott) December 23, 2016
As you can see, the email itself looks authentic, and innocent enough. You will also see a PDF attachment, but that’s the catch. It’s not a PDF attachment, but an image file modified to look like a PDF document.
Clicking the embedded image does not open an attachment preview. Instead, it takes you to what looks like an authentic Google sign-in page. All the elements are there: the logo, the text fields and even Google’s “One Account. All of Google” tagline appear genuine. See below:
Until this point everything looks normal and authentic. But it’s not. If you look a little more closely at the URL in the address bar, you’ll see a ‘data:text/html,’ prefix on the URL. This is known as a data URI, and unlike a normal URL, it embeds the page content directly in the address rather than pointing you to the location of a webpage on a server.
That fake login page is where the hackers capture your email login details. Once you log in, they’ll take your account details, go through your past email messages and contact list, and then start the cycle all over again, but this time they’ll be using your email ID to pose as the “trusted contact.”
The reason it’s scary is that everything looks normal until you carefully check the login page and the URL that the supposed PDF document takes you to.
Google is aware of this problem and has said in an email response to Fortune that two-step verification is the best way to prevent this sort of attack. Google also highlighted its continued efforts to use artificial intelligence to automatically identify and deal with phishing scams such as this one.
How to Stay Safe on the Web
When browsing the web and entering details into any website, check whether the site is secure. You can do this by looking for the green padlock icon preceding the webpage’s address. You will also see “https” at the beginning of the URL, indicating that your details are sent to the site over an encrypted connection.
Where emails are concerned, look for anomalies even when the messages come from “trusted contacts.” Look for things like spelling errors, unusual subject lines, suspicious attachments and so on.
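The address-bar check described above, and the ‘data:text/html,’ prefix explained earlier, can be turned into a small routine. The following is an added example written for this article, not code from the original post or from Google: it classifies what the address bar shows before any credentials are typed. A data: URI carries the whole page inline, so there is no server, no certificate and no padlock to inspect; an https address is then compared against an allow-list of known login hosts. The host name `accounts.example.com` in `TRUSTED_LOGIN_HOSTS` is a constructed placeholder, not a real login domain.

```javascript
// Added example, not from the original article. Classifies an address-bar
// value before credentials are entered: rejects data: URIs and non-https
// schemes, and warns on https hosts that are not on a known login allow-list.
// TRUSTED_LOGIN_HOSTS is a constructed, hypothetical allow-list.
const TRUSTED_LOGIN_HOSTS = ["accounts.example.com"];

function classifyAddress(address) {
  const trimmed = address.trim();
  const lower = trimmed.toLowerCase();

  // A data: URI embeds the page itself in the address. Whatever the page looks
  // like, nothing about it has been served from, or authenticated as, a site.
  if (lower.startsWith("data:")) {
    // Pull out the media type, e.g. "text/html" from "data:text/html,...".
    const mediaType = lower.slice("data:".length).split(/[;,]/)[0] || "(none)";
    return {
      verdict: "reject",
      reason: `data URI (${mediaType}) embeds the page inline; there is no site to verify`,
    };
  }

  let url;
  try {
    url = new URL(trimmed); // throws on anything that is not an absolute URL
  } catch (err) {
    return { verdict: "reject", reason: "not a parseable absolute URL" };
  }

  // Only https gives you the padlock and an encrypted connection.
  if (url.protocol !== "https:") {
    return { verdict: "reject", reason: `scheme "${url.protocol}" is not https` };
  }

  // https alone does not prove you are on the right site; the host must
  // match exactly, not merely contain a familiar name somewhere.
  if (!TRUSTED_LOGIN_HOSTS.includes(url.hostname)) {
    return {
      verdict: "warn",
      reason: `https, but host "${url.hostname}" is not a known login host`,
    };
  }
  return { verdict: "allow", reason: "https origin on a known login host" };
}

// Constructed sample addresses for a quick run:
for (const sample of [
  "data:text/html,https://accounts.example.com/ServiceLogin",
  "https://accounts.example.com/signin",
  "http://accounts.example.com/signin",
  "https://login.example.net/signin",
]) {
  console.log(sample, "->", classifyAddress(sample));
}
```

The ordering matters: the data: check runs before `new URL()` because the URL parser accepts data: URIs without complaint and would report a protocol of `data:`; the point of the early branch is to say plainly that there is no origin to trust, rather than to treat it as just another scheme.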
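The scam relied on an image dressed up to look like a PDF attachment, so one concrete version of “look for suspicious attachments” is to judge a file by its leading bytes rather than by its icon or name. The following is an added example written for this article, not code from the original post or from Gmail: it sniffs the first bytes of an attachment against a few well-known file signatures and reports a mismatch when the content does not match the type the filename claims. The sample bytes are constructed, not taken from any real message.

```javascript
// Added example, not from the original article. Compares an attachment's
// leading bytes (its "magic number") with the type implied by its filename.
// Signature bytes below are the standard file headers; the sample inputs in
// the demo at the bottom are constructed.
const SIGNATURES = [
  { type: "pdf",  magic: Buffer.from("%PDF-", "ascii") },
  { type: "png",  magic: Buffer.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a]) },
  { type: "jpeg", magic: Buffer.from([0xff, 0xd8, 0xff]) },
  { type: "gif",  magic: Buffer.from("GIF8", "ascii") },
];

// Returns the type whose signature matches the start of the buffer, or "unknown".
function sniffType(bytes) {
  for (const { type, magic } of SIGNATURES) {
    if (bytes.length >= magic.length && bytes.subarray(0, magic.length).equals(magic)) {
      return type;
    }
  }
  return "unknown";
}

// Derives the type the filename claims from its extension.
function claimedType(filename) {
  const ext = filename.toLowerCase().split(".").pop();
  return ext === "jpg" ? "jpeg" : ext;
}

// Flags an attachment whose real content does not match its claimed type.
function checkAttachment(filename, bytes) {
  const actual = sniffType(bytes);
  const claimed = claimedType(filename);
  return { filename, claimed, actual, mismatch: actual !== claimed };
}

// Constructed demo: a genuine PDF header, and a PNG header saved as ".pdf".
const realPdf = Buffer.from("%PDF-1.4\n% constructed sample\n", "ascii");
const pngDressedAsPdf = Buffer.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0, 0, 0, 13]);
console.log(checkAttachment("invoice.pdf", realPdf));
console.log(checkAttachment("invoice.pdf", pngDressedAsPdf));
```

A check like this catches only mislabeled files; it cannot see that an inline image in the message body is merely a picture of a PDF icon wrapped in a link, which is why the address-bar check after the click still matters.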
Phishing scams like the Gmail phishing scam above usually depend on users blindly trusting what they see online, and this is probably something that all of us have been guilty of at one time or another.
It’s our job to be more aware of such attack methods. Keeping our passwords unique, using different passwords for different sites, not clicking on every email attachment that comes our way and checking for security protocols when entering information online are all best practices designed to keep us safe as we browse the web. At the end of the day, it’s our decision to either follow them or ignore them – at our own peril.
Thanks for reading our work! Please bookmark 1redDrop.com to keep tabs on the hottest, most happening tech and business news from around the world. On Apple News, please favorite the 1redDrop channel to get us in your news feed.