Sophisticated Gmail Phishing Scam: Don’t Get Caught In The Net
A sophisticated Gmail phishing scam that first popped up last year seems to gaining steam, even among tech-savvy consumers, because it’s unusually well-designed.
This new scheme employs the usual trick of getting the email recipient to click on a bogus link, but the email appears to be from a known contact and the form that displays when the link is clicked looks totally legitimate—even its URL seems on the up-and-up at first glance. From the Wordfence security blog (images from Wordfence security blog also):
The way the attack works is that an attacker will send an email to your Gmail account. That email may come from someone you know who has had their account hacked using this technique. It may also include something that looks like an image of an attachment you recognize from the sender.
You click on the image, expecting Gmail to give you a preview of the attachment. Instead, a new tab opens up and you are prompted by Gmail to sign in again. You glance at the location bar and you see accounts.google.com in there. It looks like this…
You go ahead and sign in on a fully functional sign-in page that looks like this:
Once you complete sign-in, your account has been compromised.
Click here to read the full post on the Wordfence security blog, which includes an update with a response from Google.
* * *
Etymotic Research Isolator MK5 Noise-Isolating In-Ear Earphones (UK visitors – click here) are high quality, moderately priced earbuds that offer two different styles of ear cushion, including a pair of memory foam cushions, to ensure that even those with the most sensitive ear canals can listen in comfort. Package also includes a zippered storage pouch and cord clip. Currently priced at $59 and rated 4/5 stars on Amazon’s US site, 5/5 stars on Amazon UK.
Advertisements make it possible for Digital Media Mom to bring you great content for free, so thanks for your support.
* * *