Are You a Gmail User? Don’t Get Tricked by the Latest Scam
The newest phishing techniques are so clever, even tech-savvy Gmail users are falling for them

An email scam is targeting Gmail users and it’s so clever, even those who think they are tech-savvy and safe on the internet are falling for it.
How is it happening?
The scammers get you first…and then attack your contacts list by pretending to be you.
They send out emails as you, tricking everyone in your contacts list into entering their usernames and passwords too, and then steal their information.
People are opening these emails thinking they come from a trusted person, not knowing they are under a cyber attack.
So let’s break this down so you know what’s happening and can stop yourself from becoming a victim.
How the Scam Works
According to Mark Maunder, the CEO of WordPress security plugin Wordfence, this attack isn’t new. For the past year, scammers have been trying to phish for your personal information using Gmail, but more tech-savvy people are now falling victim to it because it looks and acts legit.
Maunder says the attacker will send an email to your Gmail account. You may think it is okay because the email looks as if it is coming from someone you know. Beware: that sender has already become a victim of this attack. The email will also include an attachment you recognize from the sender, and you click on the image so you can take a better look at it.
The image won’t open in a preview. Instead, it opens a new tab that looks as if Gmail is asking you to sign in again. It looks like image 1, a normal sign-in page for your Gmail account.
In fact, if you get to this page and look up at the location/address bar, you’ll see this address:
If you sign in to your account again, you are now a victim. As soon as you enter your username and password and sign in, the hackers take them and use them to get into your email.
They will find an email you sent to someone with an attachment, perhaps a work schedule or photo, and, pretending to be you, send it to everyone in your address book. The attachment in that email is linked to the hackers’ fake sign-in page.
A victim of this attack explains what happened on Hacker News:
“The attackers log in to your account immediately once they get the credentials, and they use one of your actual attachments, along with one of your actual subject lines, and send it to people in your contact list. For example, they went into one student’s account, pulled an attachment with an athletic team practice schedule, generated the screenshot, and then paired that with a subject line that was tangentially related, and emailed it to the other members of the athletic team.”
You may be thinking…’That’s all right. I don’t really send anything of any real value through my email.’
Unfortunately, that’s not what the hackers are looking for. They’re not after your pictures of that fantastic vacation or your kids’ school and sports schedule. What the hackers are after is your information. They will reset your password and use your account to find out where you bank and what kind of credit cards and bills you have. They will contact those companies, saying you forgot your password and could they please send the login information via email. All of this can happen within minutes…long before you realize what is happening.
Now, you’re locked out of your account.
How to Stop the Scam
First, do the most basic thing you can to protect yourself.
Gmail offers what is called two-step authentication. You secure your account not only with a username and password but also by providing your telephone number or another key to Google. That way, even if the hackers fool you into entering your username and password, they still can’t get through the second locked gate without your phone number or other key. If you want to learn how to set up two-step authentication, click here. At this same website, you can learn how to set up two-step authentication for other programs as well.
Another thing you can do if you suspect something is going on is look up at the address/location bar. Remember what it said in image 2? Here’s the picture again.

Image 2: The text before “accounts” is from hackers trying to get your information. Don’t put in your username and password if you see this in the address/location bar.
Do you see that the address/location bar says data:text/html,https:// before accounts.google.com/ServiceLogin?service=mail? That’s the big red flag. Nothing should come before accounts.google.com/ServiceLogin?service=mail. When you sign in to your legitimate Gmail account, your address bar should look like this.
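The check described above can be written down precisely: a real sign-in page has the https scheme and the host accounts.google.com, while the phishing address has the data scheme and no host at all, so the Google text after the comma is just page content. The following is an added example (not from the article or from Wordfence) that classifies address-bar strings this way; the sample addresses are constructed, and the trusted-host list is an assumption for the example.

```python
"""Added example: tell the real Google sign-in address from a data: URI that
merely contains its text. Not part of the original article."""
from urllib.parse import urlsplit

# Assumption for this example: the only host that should serve the Gmail sign-in page.
TRUSTED_LOGIN_HOSTS = {"accounts.google.com"}


def classify_address(address: str) -> str:
    """Return 'legitimate', 'data-uri-phish' or 'suspicious' for an address-bar string."""
    parts = urlsplit(address.strip())
    scheme = parts.scheme.lower()

    if scheme == "data":
        # A data: URI carries its whole page inline and has no host. Anything that
        # looks like a Google URL after the comma is text the attacker placed there.
        if "accounts.google.com" in address.lower():
            return "data-uri-phish"
        return "suspicious"

    # Only an https page whose actual host is the trusted one counts as legitimate;
    # lookalikes such as accounts.google.com.<other-domain> fail the hostname check.
    if scheme == "https" and parts.hostname in TRUSTED_LOGIN_HOSTS:
        return "legitimate"
    return "suspicious"


# Constructed sample addresses (the first is the pattern the article describes).
SAMPLE_ADDRESSES = [
    "data:text/html,https://accounts.google.com/ServiceLogin?service=mail",
    "https://accounts.google.com/ServiceLogin?service=mail",
    "https://accounts.google.com.example.net/ServiceLogin",
    "http://accounts.google.com/ServiceLogin",
]

if __name__ == "__main__":
    for addr in SAMPLE_ADDRESSES:
        print(f"{classify_address(addr):15} {addr}")
```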
What to Do if You’re Already a Victim of This Scam
If you already suspect you may be a victim of this scam, or if you are not sure, the first thing you should do is change your Gmail password. Once you have set a new password, make sure you sign up for two-step authentication. The next thing you should do is go to the Gmail Account Activity Page. There, Google will have you sign in to your account. You can then check whether any other Gmail sessions are logged in and verify where they came from. If you see any sessions you don’t recognize, you can sign them out immediately.
While Maunder says there is no sure way to check whether your account has been hacked, he does offer information on a secure website run by a security researcher where you can check whether any of your email accounts are part of a known data leak. Click here to go to the website, put in your email address and check it against known data breaches.
For more information, please check out Maunder’s article on the subject.