New Gmail phishing technique fools even tech-savvy users

  • 16 January 2017
  • 0 replies
  • 3 views

Userlevel 7
Badge +52
An effective new phishing attack is hitting Gmail users and tricking many into inputing their Gmail credentials into a fake login page.
 

How the attack unfolds

The phishers start by compromising a Gmail account, then they rifle through the emails the user has recently received.
After finding one with an attachment, they create an image (screenshot) of it and include it in a reply to the sender. They use the same or similar subject line for the email, to invoke recognition and automatic trust.
 
“You click on the image, expecting Gmail to give you a preview of the attachment. Instead, a new tab opens up and you are prompted by Gmail to sign in again,” WordFence CEO Mark Maunder warns.
Full Article

0 replies

Be the first to reply!

Reply