Gmail users beware! You should be more careful about these new account hacking emails. The new phishing scam that’s fooling even some of the most experienced technical Gmail users, can steal your credentials by a single click. According to Mark Maunder, a security expert and the CEO of Wordfence which provides security to WordPress plugin, users are being sent an email including attachments as well. Once the user clicks on the attachment to preview this, it will direct them to what looks like a genuine Gmail login page.
The page, however, it’s a fake, but might tend user to make a big mistake as it looks so real. Since the email usually comes from one of your contacts who may also be a victim of this fraud email. Besides, the email may contain a subject line that will likely to be based on a concern you’ve recently discussed with your contact or even renamed the attachment to make something plausible.
What’s more worrying thing is that the URL which redirects you to your Google account login page also looks like a real one:
As per the reports suggest, once user enters his/her login details, the account becomes compromised therefore hackers will get access of his/her credentials as well as can send or receive any of the emails via the account.
Google is aware of this phishing scam and has issued a statement to Wordfence, which says:
“We’re aware of this issue and continue to strengthen our defences against it. We help protect users from phishing attacks in a variety of ways, including: machine learning based detection of phishing messages, Safe Browsing warnings that notify users of dangerous links in emails and browsers, preventing suspicious account sign-ins, and more. Users can also activate two-step verification for additional account protection.” Read Indian Startup Scams.