X
    Categories: Resources

Watch Out for This Gmail Phishing Exploit

We’ve all been there at some point or another: your account has been compromised.

Phishing attacks are getting even more clever now, disguising themselves as what seems to look like a legitimate link to the average person.

The latest Gmail phishing exploit specifically targets Gmail customers and other services.

The attack works like this:

1. An attacker will send an email to your Gmail account. It may come from someone you know who may also have been hacked with this technique. It may even include an image or attachment you may recognize.

2. Once you click on the image though, instead of getting a preview, a new tab will open up and the window will ask you to sign into Gmail again. If you look at the URL bar, it will look like this:

And sadly, the page looks just like a Gmail account sign-in (see example on the right).

3. Once sign-in is completed, your account has been compromised. And once they have access to your account, they also have access to emails sent and received, controlling your email address.

Protect yourself from this phishing attack and others by always checking the legitimacy of links you’re clicking. If you’re suspicious, take a look at the URL for any odd prefixes.

Legitimate, safe URL

Phishing / Attack URL Examples

If you’re concerned your account has been compromised, visit this Google support page to see if someone else has been signing into your account: https://support.google.com/mail/answer/45938?hl=en

Help protect yourself and others by spreading the word about this Gmail phishing exploit.

Source: Wordfence


 

 

Austinite Web Design :