There is a new phishing scam that is impacting many Gmail users. It is a highly effective technique used to capture the victim's account login information and then use the compromised account to spread the scam further to everyone in the victim's contact book. There is no surefire way to verify whether your account has been compromised, so if you are unsure, change your password immediately. Since there is no programmatic way to prevent this sophisticated attack, I ask that you spread the word and share this article to alert as many people as possible.
How Does the Gmail Phishing Attack Work?
This attack starts with a single email. That email will likely appear to come from someone you know and, by all outward appearances, seem legitimate. It is for this reason that so many people are being compromised, even technology veterans. If you click the email in question, a new tab will open and bring you to a page that appears to be a Google sign-in page, but be warned: this is a fake page used to steal your username and password.
There are a few ways to differentiate this fake page from a valid login page. One way to tell is the address bar in your browser: it will show a prefix of “data:text” instead of starting with “https” and showing the green secured icon.
The image above illustrates how the address bar normally looks. If you do not see the green secure icon, it is likely not safe to enter sensitive information such as your username and password. Below is an image depicting what the address bar looks like during this Gmail phishing scam.
If you see this, do not proceed. Close the tab or window that shows this in the address bar and immediately change your Gmail password. The page looks like a legitimate page and is fully functional, which is why this exploit is so effective, even against technically savvy individuals. Once the attackers have your account credentials, they send emails to your contacts using one of your actual subject lines and actual attachments to spread the attack further.
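The address-bar check described above, written out as a small Python classifier. This is an added example, not code from the original article; the allow-list of Google sign-in hosts and the sample addresses are assumptions constructed for illustration.

```python
"""Address-bar check for the data:text Gmail phishing page (added example,
not code from the original article). It applies the cues the article gives:
a real Google sign-in page starts with https:// on a Google host, the fake
one starts with a data:text URI. Sample addresses are constructed."""
from urllib.parse import urlparse, unquote

# Assumption: a small allow-list of hosts a real Google sign-in is served from.
GOOGLE_LOGIN_HOSTS = {"accounts.google.com"}


def classify_address(address: str) -> str:
    """Return 'phishing', 'ok' or 'suspicious' for an address-bar string."""
    text = address.strip()
    lowered = text.lower()
    # The article's cue: the fake page lives in a data: URI, so the address
    # bar starts with "data:text" instead of "https".
    if lowered.startswith("data:"):
        return "phishing"
    parsed = urlparse(text)
    if parsed.scheme != "https":
        # No https means no green secured icon: do not enter credentials.
        return "suspicious"
    host = (parsed.hostname or "").lower()
    if host in GOOGLE_LOGIN_HOSTS:
        return "ok"
    # https on some other host: not the data: trick, but still not Google.
    return "suspicious"


def embeds_google_login_as_bait(address: str) -> bool:
    """True when a data: URI carries a Google-looking login URL as bait.

    The attack in the article pads the data: URI so that a familiar
    accounts.google.com address is what the user sees first."""
    lowered = unquote(address).lower()
    return lowered.startswith("data:") and "accounts.google.com" in lowered


# Constructed samples: one real-looking address and two phishing-style ones.
SAMPLES = [
    "https://accounts.google.com/ServiceLogin?service=mail",
    "data:text/html,https://accounts.google.com/ServiceLogin?service=mail"
    + " " * 20 + "[hidden page content]",
    "http://accounts.google.com.example-login.test/ServiceLogin",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(classify_address(sample), "<-", sample[:60])
```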
How Can I Protect Myself Against the Gmail Phishing Attack?
Overall, there is no single solution to this problem; as with everything related to IT security, protection should be layered. The first thing to do (after changing your password) is to enable multi-factor authentication on your account. It might be a pain at first, but it is far better to have another step in your sign-in process than to have your data stolen and become a bridge to infect your friends, family, and colleagues. Here is a link to the page where this setting can be enabled. It will send a code to your mobile device during sign-in and ask you to verify that it is you, because only you will have your mobile phone while attempting to sign in.
You can also check your account's login history if you think you may have been compromised. Just log in to your Gmail account, scroll to the bottom of your inbox, and click “Details”. This will show you all currently active sessions as well as your login history.
There is also a really useful website that lets you find out if your email address has been compromised in a hack: https://haveibeenpwned.com/ It is well worth checking out.
If you need help with your IT security, please let us know. We are happy to help! In the meantime, find out how you can get started with Managed IT Services by downloading our beginner's guide.