Google account holders are warned to be vigilant after an enhanced phishing attack was spotted that can give hackers full access to any user’s account.
Bitdefender, the antivirus security firm, detailed that a hard to spot email is sent out to customers explaining that they need to increase the email storage quota of the account involved and the threat has so far bypassed Google Chrome’s uniform resource identifiers [URIs]
The email reads, “This is a reminder that your email account will be locked out in 24 hours. Due to not being able to increase your Email storage Quota. Go to the INSTANT INCREASE to increase your Email storage automatically.”
Once the INSTANT INCREASE link has been clicked it directs the user to a Google login web page that looks the same as the real thing and requests various account details that are used to infiltrate the account.
“With access to users’ Google accounts, hackers can buy apps on Google Play, hijack Google+ accounts and access confidential Google Drive documents. The scam starts with an email allegedly sent by Google, with “Mail Notice” or “New Lockout Notice” as a subject”
The data URI scheme means that scammers can include data in-line in web pages like they are external resources and it uses Base64 encoding to represent file contents, and in this instance supplies the content from the fake page encoded within the data URI.
Full Article
Google accounts fall prey to complex phishing scam
Userlevel 7
+52
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.