There is a new phishing technique that tries to fool internet users into giving hackers access to their Gmail accounts.
According to WordPress security plugin creator Wordfence, the way that the attack works is that hackers send emails to the contacts of compromised accounts containing a seemingly innocuous attachment. When the user clicks the attachment, a new tab opens in the browser that looks nearly identical to the Google sign-in page. If the user inputs their log-in information, it goes straight to the attacker.
On Hacker News, a commenter describes an incident that occurred at his school last year in which several employees and students were tricked into handing over their account information to attackers after receiving compromised emails and opening the attachments, thus perpetuating the cycle:
Here’s what you need to look out for in your address bar to avoid this attack:
As seen above, not only is the beginning of the string odd, but there is a script hidden behind a long wall of whitespace. Nobody will be able to see the script in the address bar without tapping on it and scrolling to the right, but there are several other signs to watch out for that are even more obvious.
According to WordPress security plugin creator Wordfence, the way that the attack works is that hackers send emails to the contacts of compromised accounts containing a seemingly innocuous attachment. When the user clicks the attachment, a new tab opens in the browser that looks nearly identical to the Google sign-in page. If the user inputs their log-in information, it goes straight to the attacker.
On Hacker News, a commenter describes an incident that occurred at his school last year in which several employees and students were tricked into handing over their account information to attackers after receiving compromised emails and opening the attachments, thus perpetuating the cycle:
"It’s the most sophisticated attack I've seen. The attackers log in to your account immediately once they get the credentials, and they use one of your actual attachments, along with one of your actual subject lines, and send it to people in your contact list.While the idea of having a Gmail account serve as a host for the chain of hacks to continue is frightening enough, the hackers will also have the ability to download and read through all of your private emails, as well as gain access to other information connected to the Google account (or whichever service is hacked).
For example, they went into one student’s account, pulled an attachment with an athletic team practice schedule, generated the screenshot, and then paired that with a subject line that was tangentially related, and emailed it to the other members of the athletic team."
Here’s what you need to look out for in your address bar to avoid this attack:
As seen above, not only is the beginning of the string odd, but there is a script hidden behind a long wall of whitespace. Nobody will be able to see the script in the address bar without tapping on it and scrolling to the right, but there are several other signs to watch out for that are even more obvious.
No comments:
Post a Comment