It’s time to be on the alert. A new phishing attack is targeting Gmail users, and it has been highly effective. Like any other phishing scam, it starts with an email. Instead of coming from a random person, the email appears to be sent from one of your contacts. It may also include an attachment image from a sender you know.
Once you click on the image, thinking that Google will give you a preview of the attachment, a new tab opens. In the new tab, you are required to sign in to your Gmail account again. The address in the address bar shows “accounts.google.com”. After you fill in your credentials again, the attacker gains access to the account and to all your important and confidential information as well.
Google is aware of this problem and is working to improve its defense system. Aaron Stein from Google Communications said, “We help protect users from phishing attacks in a variety of ways, including: machine learning based detection of phishing messages, Safe Browsing warnings that notify users of dangerous links in emails and browsers, preventing suspicious account sign-ins, and more. Users can also activate two-step verification for additional account protection.”
After gaining access to your Gmail account, the attacker immediately logs in, finds your actual attachment, and copies the subject line as well. They then send it to the people in your contact list to gain access to those people’s Gmail accounts too.
How Should You Protect Yourself?
To protect your Gmail account from getting hacked, you need to pay close attention to the address in the location bar. The address bar should read “https://accounts.google.com/”. If you see this address, then you are protected. However, if it’s a scam, the address in the location bar will read “data:text/html.https://accounts.google.com/”.
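The address-bar check described above can be expressed as code. This is an added example, not part of the original article; the function names are hypothetical, and it contrasts a substring match (which the scam address passes) with parsing the address and comparing scheme and host together.

```javascript
// Added example (not from the article). Function names are hypothetical.
const EXPECTED_ORIGIN = "https://accounts.google.com";

// Weak check: only asks whether the familiar hostname appears somewhere.
function naiveLooksLikeGoogle(address) {
  return String(address).includes("accounts.google.com");
}

// Strict check: parse the address and compare scheme + host as a unit.
function checkSignInAddress(address) {
  const raw = String(address).trim();
  let url;
  try {
    url = new URL(raw);
  } catch {
    return { trusted: false, reason: "not an absolute URL" };
  }
  if (url.protocol !== "https:") {
    // For data: URIs everything after the scheme is page content, not a host.
    return { trusted: false, reason: `scheme is ${url.protocol} not https:` };
  }
  if (url.origin !== EXPECTED_ORIGIN) {
    return { trusted: false, reason: `host is ${url.hostname}` };
  }
  return { trusted: true, reason: "https origin is accounts.google.com" };
}

// The two addresses quoted in the article, plus one constructed sample.
const SAMPLES = [
  "https://accounts.google.com/",
  "data:text/html.https://accounts.google.com/",
  "http://accounts.google.com/", // constructed: right host, no TLS
];

// Run both checks over every sample so the disagreement is visible.
function auditSamples() {
  return SAMPLES.map((address) => ({
    address,
    naive: naiveLooksLikeGoogle(address),
    ...checkSignInAddress(address),
  }));
}

console.table(auditSamples());
```

The scam address is the row where the naive check says yes and the strict check says no.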
There is no sure way to check whether or not you have fallen for this scam. However, if you think you have fallen victim, it is important to change your password right away. You can also consider two-step authentication to avoid falling victim.
You should also get into the habit of changing your password every two or three months to keep your account from being misused.
How to Check the Current Activities in My Account?
It is easy to check the recent login activity of your Gmail account. Open your Google account and click on Details in the bottom right-hand corner of the screen. Here you can easily check the recent logins and the current active sessions. If you find some active logins from unknown sources, you can force close them.
Everyone is falling for this worryingly effective Gmail scam. Have you fallen for this phishing scam yet? Let us know in the comments below!