Come 2017 and phishers have a new way to hack into your Gmail account. The phishing mail would come from one of your contacts and there will be nothing suspicious about it. Everything will look very normal.
It is such a sophisticated way to get hold of your log in details that even alert and experienced users have fallen for it. It was first brought to light by Mark Maunder, who is the CEO of WordPress. His security plugin Wordfence detected that the phishing attack is to send an email from a familiar contact with a PDF attachment. In most of the cases, this attachment has the same name which you have used earlier.
What actually looks like a harmless PDF to anyone is a sly disguise. It is actually an image which when clicked will launch a new tab. This new tab would look like this.
The attackers have made a very convincing imitation of the Gmail sign-in page. Many users have entered their login details which go straight into the hackers’ hands. Now hackers can steal, sell or compromise your data. Worse, they will use your email and your past messages to send another round of phishing emails to your Gmail contacts.
However there are ways to keep your account safe – always keep an eye on the URL. When you click the PDF and it shows you the log-in page, it shows something like this.
The legitimate Gmail sign-in page URL will always begin with a lock symbol and with the words ‘https://’. But the phishing URL says ‘data:text/html,https://’.
You can further check this fake URL. Press enter to the address bar. Then you can see that the fake URL is in fact extremely long with a suspicious white space put to hide it.
Keep your account protected as well as of your contacts. Let others know so that they can stay safe too.
Image credits: www.independent.co.uk, thehackernews.com