Providing Free and Editor Tested Software Downloads

MajorGeeks.com - Geek before it was Chic.

All In One Tweaks

Antivirus & Malware

Drives (SSD, HDD, USB)

Graphics & Photos

MajorGeeks Windows Tweaks

Office & Productivity

· How To and Tutorials
· Life Hacks and Reviews
· Way Off Base
· MajorGeeks Deals
· News
· Off Base
· Reviews

· YouTube
· Facebook
· Instagram
· Twitter
· Pintrest
· RSS/XML Feeds

· News Blur
· Yahoo
· Symbaloo

· Top Freeware Picks
· Malware Removal
· Geektionary
· Useful Links
· About Us

· Copyright
· Privacy
· Terms of Service
· How to Uninstall

1. GS Auto Clicker

2. Macrium Reflect FREE Edition

3. Smart Defrag

4. Visual C++ Redistributable Runtimes AIO Repack

5. Visual C++ Runtime Installer (All-In-One)

6. McAfee Removal Tool (MCPR)

9. Sergei Strelec's WinPE

10. K-Lite Mega Codec Pack

How to Disable 1-Click Ordering on Amazon (and Avoid Surprise Charges)

How to Fix Shallow Paint Layer Depth in Bambu Studio

Aviator Betting Game Secrets: Unlock 97% RTP & Triple Your Wins

Windows Recall: What It Is, Why Hackers Will Love It, and How to Stay Safe

Star Trek Fleet Command Promo Codes: Redeem Codes for Free Shards, Blueprints And Resources

How To Use VLC Media Player to Trim Video Clips

What Is the $WinREAgent Folder and Can I Delete It?

Swear Your Way to Better Search Results

How to Get a Dark Start Menu and Taskbar in Windows 10 & 11

Enable, Disable, Manage, Delete or Create a System Restore Point

Gmail Phishing Attack Fools Tech-savvy Users

Posted by: Timothy Weaver on 01/16/2017 12:01 PM [ Comments ]

A new tech-savvy phishing attack is targeting Gmail users. The purpose of the attack is to gain Gmail credentials.

The attack unfolds with a compromised account. This can be accomplished by trying a password from data dumped breaches.

Once they have a compromised account, the criminals search through the emails until they find one with an attachment. They then create an image (screenshot) of it and include it in a reply to the sender. If the potential victim clicks on the attachment, they are sent to a fake Gmail log in page where they are prompted to enter their login details.

The fake page is a good copy of the real thing including the accounts.google.com subdomain which is good enough to fool even the tech-savvy.

WordFence CEO Mark Maunder warns: “This phishing technique uses something called a ‘data URI’ to include a complete file in the browser location bar. When you glance up at the browser location bar and see ‘data:text/html…..’ that is actually a very long string of text.”

Once they have the login credentials, the attack chain starts all over again.

Maunder suggest users stay safe by using two factor authentication.

Source: HelpNet Security

Comments

comments powered by Disqus

© 2000-2025 MajorGeeks.com

Powered by Contentteller® Business Edition