. Gmail Phishing Attack Fools Tech-savvy Users - MajorGeeks

MajorGeeks.com - Get your Geek on.

All In One Tweaks

Antivirus & Malware

Drives (SSD, HDD, USB)

Graphics & Photos

MajorGeeks Windows Tweaks

Office & Productivity

· How To and Tutorials
· Life Hacks and Reviews
· Way Off Base
· MajorGeeks Deals
· News
· Off Base
· Reviews

· YouTube
· Facebook
· Instagram
· Twitter
· Pintrest
· RSS/XML Feeds

· News Blur
· Yahoo
· Symbaloo

· Top Freeware Picks
· Malware Removal
· Geektionary
· Useful Links
· About Us

· Copyright
· Privacy
· Terms of Service
· How to Uninstall

1. Smart Defrag

2. Macrium Reflect FREE Edition

3. Visual C++ Redistributable Runtimes AIO Repack

4. K-Lite Mega Codec Pack

5. Visual C++ Runtime Installer (All-In-One)

6. Sergei Strelec's WinPE

7. McAfee Removal Tool (MCPR)

8. MusicBee Portable

10. Microsoft Visual C++ 2015-2022 Redistributable Package

How To Create a Desktop Shortcut

What is a WebP Image?

How to Manage Virtual Memory (Pagefile) in Windows 10 /11

Enable, Disable, Manage, Delete or Create a System Restore Point

Backing Up Your Data Effectively: A Geek's Guide

How to Properly Use Microsoft System File Checker in Windows 11 and 10

Show Your Support for MajorGeeks a Donation

Resolving Strange PC Errors: The Role of RAM in System Performance

How to Fix Critical Process Died in Windows 10/11

Every Known Windows Terminal, Command Prompt and PowerShell Command

Gmail Phishing Attack Fools Tech-savvy Users

Posted by: Timothy Weaver on 01/16/2017 12:01 PM [ Comments ]

A new tech-savvy phishing attack is targeting Gmail users. The purpose of the attack is to gain Gmail credentials.

The attack unfolds with a compromised account. This can be accomplished by trying a password from data dumped breaches.

Once they have a compromised account, the criminals search through the emails until they find one with an attachment. They then create an image (screenshot) of it and include it in a reply to the sender. If the potential victim clicks on the attachment, they are sent to a fake Gmail log in page where they are prompted to enter their login details.

The fake page is a good copy of the real thing including the accounts.google.com subdomain which is good enough to fool even the tech-savvy.

WordFence CEO Mark Maunder warns: “This phishing technique uses something called a ‘data URI’ to include a complete file in the browser location bar. When you glance up at the browser location bar and see ‘data:text/html…..’ that is actually a very long string of text.”

Once they have the login credentials, the attack chain starts all over again.

Maunder suggest users stay safe by using two factor authentication.

Source: HelpNet Security

Comments

comments powered by Disqus

© 2000-2024 MajorGeeks.com

Powered by Contentteller® Business Edition