Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

New Gmail phishing attacks were recently discovered

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

January 16, 2017

A recently discovered Gmail phishing attack scheme allows cyber criminals to hack into and then scan through inboxes to target account owners' contact information and email addresses with thoroughly convincing fake messages that can easily confuse message recipients.

The new attack vectors utilize the file names of sent attachments and applies that name into new attachments that appear to be PDFs but are actually images that send victims to phishing pages when clicked.

Suitable subject lines stolen from sent emails are applied to the new phishing emails, making the malicious messages appear more legitimate to viewers.

Even the URL to which the attachments point is crafted to appear legitimate, bearing the google.com domain, asserts WordFence CEO Mark Maunder who was the first to report the attacks.

"You are probably thinking you’re too smart to fall for this. It turns out that this specific attack has caught, or almost caught several technical users who have either tweeted, blogged or commented about it," Maunder warned.

"It is in fact very easy to get caught in this if you don't pay close attention. The scheme is being used right now with a high success rate. This same technique can be used to easily steal user credentials from many other platforms, using many variations in the basic technique," he asserted.

However, internet users who fall for those attacks can be saved by two factor authentication. One user claiming to be a system administrator at a school says the attacks compromised students and three staff within two hours, using an athletic schedule paired with a subject line to pull off the attacks.

Tom Scott, a school system administrator said-- "This is the closest I've ever come to falling for a Gmail phishing attack. If it hadn't been for my high-DPI screen making the image fuzzy, I would have been taken in," he commented.

Attackers use the data URI scheme to embed a file in the browser location bar which executes once their malicious attachment is clicked, displaying the fake Google login page and google.com address in the URL bar.

Keen eyed users may spot the URL prefix data:text/html or the lower resolution Google image in the phishing page.

To be sure, white space separates and hides the URL from the file text which invokes the phishing page in a new browser tab, in a subverted effort to make things look more genuine...

Maunder added that the phishing attacks do not trigger Google's green or red secure and insecure HTTPS security indicators, giving it an appearance of uniformity that makes the attacks highly effective, even to some people that would know better.

"In overall user interface design and in human perception as well, various elements that are connected by uniform visual properties are still perceived as being more related than elements that are not connected," he warned.

Maunder strongly recommends that Google change the color of its data:text/html prefix in browsers to amber which would most likely get most user's immediate attention. Users are strongly cautioned to be extremely vigilant.

Source: WordFence LLC.

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer