
Beware of Gmail spoofing attacks

By | March 15, 2017 | October 23rd, 2018 | Security

Do you have a personal email account? Most people do, and if you are like me and many others you probably have at least one Gmail account as well. Lately hackers have been taking more creative approaches to obtaining your user information, and there have been recent reports of a particularly deceptive way to steal your information through Gmail.

There is a new trick hackers have been using: they take an existing email conversation you have been having with someone and slip their phishing attempt into that conversation. If they succeed, not only will the hacker have your username and password, but the hacker will then also send more infected emails from your inbox.

The way this scam works is by making an email appear to be part of an email chain with someone, keeping the same subject line and everything. It looks like an ongoing part of the conversation and appears normal, so it raises no red flags. The difference is that there is an attachment which, when you try to open it, brings you to a new tab and prompts you to sign in to your Gmail in order to view it. The fake site appears legitimate, but on close inspection you will see that it is not a secure site and that there is actually text in front (to the left) of the https://. The spoof site apparently even uses accounts.google.com in the URL, which can fool people, so you have to pay particular attention to the https://, whether the connection is secure, and whether there are extra characters to its left.
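As an added illustration (not part of the original post), here is a small Python check that applies the post's two indicators to whatever the address bar shows on a page asking for a Google password: anything to the left of https://, and accounts.google.com appearing somewhere other than as the host the browser actually connected to. The sample addresses are constructed; the `data:` prefix is my assumption for what "text to the left of https://" looks like, not something the post names.

```python
from urllib.parse import urlsplit

# The only host that should ever ask for a Google account password.
REAL_SIGNIN_HOST = "accounts.google.com"


def check_signin_address(address: str) -> dict:
    """Classify an address-bar string; safe_to_sign_in is True only if nothing is suspicious."""
    s = address.strip()
    lowered = s.lower()
    findings = []
    try:
        parts = urlsplit(s)
        scheme = parts.scheme.lower()
        host = (parts.hostname or "").lower()
    except ValueError as exc:  # malformed netloc, e.g. a bad IPv6 literal
        return {"address": s, "scheme": "", "host": "",
                "findings": [f"unparseable address: {exc}"], "safe_to_sign_in": False}

    # 1. The real sign-in page is only ever served over https.
    if scheme != "https":
        findings.append(f"scheme is {scheme or 'none'!r}, not https")

    # 2. The post's key indicator: anything to the left of "https://".
    idx = lowered.find("https://")
    if idx > 0:
        findings.append(f"text before https://: {s[:idx]!r}")

    # 3. accounts.google.com must be the actual host, not just a string in the
    #    path, the query, or a longer lookalike hostname.
    if host != REAL_SIGNIN_HOST:
        if REAL_SIGNIN_HOST in lowered:
            findings.append(f"{REAL_SIGNIN_HOST} appears in the address but the host is {host or 'none'!r}")
        else:
            findings.append(f"host is {host or 'none'!r}, not {REAL_SIGNIN_HOST}")

    return {"address": s, "scheme": scheme, "host": host,
            "findings": findings, "safe_to_sign_in": not findings}


# Constructed samples (assumed shapes, not copied from any real campaign).
SAMPLES = {
    "genuine": "https://accounts.google.com/ServiceLogin?service=mail",
    "text_before_https": "data:text/html,https://accounts.google.com/ServiceLogin?service=mail",
    "plain_http": "http://accounts.google.com/ServiceLogin",
    "lookalike_host": "https://accounts.google.com.mail-signin.example/ServiceLogin",
}


def run_samples() -> dict:
    """Return {sample_name: safe_to_sign_in} for every constructed sample."""
    return {name: check_signin_address(url)["safe_to_sign_in"] for name, url in SAMPLES.items()}


if __name__ == "__main__":
    for name, url in SAMPLES.items():
        result = check_signin_address(url)
        print(name, "OK" if result["safe_to_sign_in"] else "SUSPICIOUS", result["findings"])
```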

A good practice with email is to always be wary of any attachment or link that prompts you for a password. Any time an email asks you for something, especially sensitive information, that should raise a red flag. Most reputable organizations will not ask for sensitive information in an email. Another way to help protect against this type of attack is to set up two-factor authentication, where you receive a call or text with a code that you enter in addition to your password, so that the password alone will not give access to the account.