Caution: New Gmail phishing technique highly effective
(Credit: info source Mark Maunder – Wordfence Founder/CEO – @mmaunder)
Gmail users beware. There is a recent phishing technique used by online attackers to target Gmail accounts among other services. Unfortunately, this method has been very successful and is creating a wide impact, even on experienced tech users.
Here's the gist: "The way the attack works is that an attacker will send an email to your Gmail account. That email may come from someone you know who has had their account hacked using this technique. It may also include something that looks like an image of an attachment you recognize from the sender." Instead of seeing a preview of the attachment, you receive a prompt to login to Gmail again. **If you complete this login, your account will be compromised.**
This secondary Gmail sign on process gives the hacker access to all of your account information, including sent and received emails. They then use your contact list to send emails and attempt to compromise those accounts as well, and so on. In addition, "they could also compromise a wide variety of other services that you use by using the password reset mechanism including other email accounts, any SaaS services you use and much more."
Mark Maunder from Wordfence.com continues to explain this process and the dangers on his blog. He goes on to offer advice on how to protect yourself and what to look for, including how to change what you are looking for in the location bar of your browser. "If you can’t verify the protocol and verify the hostname, stop and consider what you just clicked on to get to that sign-in page."
Is your account already compromised?
What should you do if your email is hacked?
Read the full article here for more information.
**Please share this information in an effort to inform and protect each other from this highly effective phishing technique**
Get Cyber Safe! This is a great resource with statistics and ways to protect yourself from cyber attacks. Take a moment to look through the tips and advice and keep your personal information safe!