After revealing its new Google Mail improvement (users will now be able to web stream video attachments), the tech company said that a new type of phishing is plaguing the online world. Online security experts declared the new phishing scam is quite hard to detect even to the trained eye. Follow us to learn all about this new scam and, of course, how to protect against it.
Now, everybody knows that phishing scams are nothing new under the sun. Nowadays, there are dozens of websites out there which want to trick you into revealing your credentials. However, most of them are so predictable, that even a kindergartener can tell what it is.
But, now and then, we find out that about a phishing scams that are really hard to detect. Recently, Google declared via an online statement that a new type of phishing scam is affecting Google Mail users. Furthermore, the only way to actually detect and stay away from them is to pay close attention.
So, what’s this all about the new Google Mail phishing scam? According to Google, a couple of Gmail users reported receiving strange e-mail from unknown, yet trustworthy sources. Now, the phishing scam tricks the Gmail user into believing that it came from someone familiar – maybe a co-worker who has a new mail address or from someone outside his contact list.
Each of these e-mails will contain any number of attachments. According to Google, the attachments will most likely contain Microsoft Word attachments. Naturally, the user will be compelled to click on the documents in order to view its contents.
Now, instead of firing up Microsoft’s Word of Google’s Docs, you will be redirected to the ‘official’ Google Mail sign-up/registration page, where you will be asked to enter your credentials (i.e. e-mail/username and password). Baffling enough, instead of taking you back to your Gmail inbox, the screen will remain blank.
Google said that after entering your credentials, the bogus sign-in page would steal your credentials. Moreover, it appears that the so-called attachments aren’t really Microsoft Word documents, but redirect buttons.
So, how can we protect ourselves against this Google Mail phishing scams? First of all, make sure that the person who sends this e-mail is in your list of friends. Second, and probably the most important aspect, is to take a good look at the redirect page’s link. If it’s an URL, it’s safe to follow it. On the other hand, if it’s a data URI, then it’s more likely a phishing scam.
Stay safe, guys!
Image source: Wikipedia