Google users targeted in sophisticated phishing attack
Posted by: Jon Ben-Mayor on 05/14/2014 08:34 AM
Google users should be aware of a phishing scam that is circulating at the moment. The sophisticated scam uses emails purporting to come from Google, with “Mail Notice” or “New Lockout Notice” as the subject.
The body of the email goes on to say: “This is a reminder that your email account will be locked out in 24 hours, due to not being able to increase your Email storage Quota. Go to the INSTANT INCREASE to increase your Email storage automatically.”

Bitdefender warns that users who click the INSTANT INCREASE link are redirected to a web page that imitates the authentic Google login page and asks for their credentials.
What is interesting about this phishing attack is that users end up with “data:” in their browser’s address bar, which indicates the use of a data Uniform Resource Identifier scheme.

The data URI scheme allows scammers to include data in-line in web pages as if they were external resources. The scheme uses Base64 encoding to represent file contents, in this case supplying the content of the fake web page in an encoded string within the data URI.
The attack is hard to detect in Chrome because the entire string is not visible to the user; this makes Chrome a phishing scam artist's favorite. That being said, Bitdefender notes that Mozilla's Firefox browser is also affected.
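As an added illustration (not code from Bitdefender or the original article), the following Python sketch shows how a mail or web filter could decode data URIs found in message or page source and flag those that render a password form. The function names, the list of renderable media types and the sample input are assumptions made for this example.

```python
import base64
import re
from urllib.parse import unquote_to_bytes

# RFC 2397 shape: data:[<mediatype>][;base64],<data>
DATA_URI_RE = re.compile(r"data:([^,\s\"'<>]*),([^\s\"'<>]*)", re.IGNORECASE)
PASSWORD_FIELD_RE = re.compile(rb"<input[^>]+type\s*=\s*[\"']?password", re.IGNORECASE)
RENDERABLE = ("text/html", "application/xhtml+xml", "image/svg+xml")  # assumed list

def decode_data_uri(meta, body):
    """Return (media_type, decoded_bytes) for one data URI, or None if undecodable."""
    params = [p.strip().lower() for p in meta.split(";")]
    media_type = params[0] or "text/plain"  # RFC 2397 default media type
    try:
        if "base64" in params[1:]:
            raw = unquote_to_bytes(body)
            raw += b"=" * (-len(raw) % 4)  # tolerate stripped padding
            return media_type, base64.b64decode(raw)
        return media_type, unquote_to_bytes(body)  # percent-encoded form
    except ValueError:  # binascii.Error is a ValueError subclass
        return None

def find_data_uri_phish(text):
    """Flag data URIs in message or page source that decode to a password form."""
    findings = []
    for match in DATA_URI_RE.finditer(text):
        decoded = decode_data_uri(match.group(1), match.group(2))
        if decoded is None:
            continue
        media_type, content = decoded
        if media_type in RENDERABLE and PASSWORD_FIELD_RE.search(content):
            findings.append({"media_type": media_type, "offset": match.start(),
                             "decoded_size": len(content)})
    return findings

# Constructed sample: a harmless stand-in page, Base64-encoded inside a data URI,
# next to a benign inline image that must not be flagged.
FAKE_PAGE = b"<html><body><form><input type='text' name='u'><input type='password' name='p'></form></body></html>"
SAMPLE_SOURCE = (
    '<a href="data:text/html;base64,' + base64.b64encode(FAKE_PAGE).decode() + '">link</a>\n'
    '<img src="data:image/png;base64,iVBORw0KGgo=">'
)

if __name__ == "__main__":
    for finding in find_data_uri_phish(SAMPLE_SOURCE):
        print(finding)
```

Because the check runs on the decoded content, it does not depend on how much of the URI the browser shows in the address bar.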
According to CNBC, Bitdefender contacted Google about the phishing scam and expects the company to have a patch in place soon to help block users from accessing the site. However, blocking dangerous sites doesn't mean the threat dies.
Bianca Stanescu, a Bitdefender security specialist, was quoted as saying: "We are constantly collaborating with Facebook, Google and other institutions and letting them know that this is going on. But by the time they block them new ones are created."