TechViews News …..
It’s a new year, and with it comes a new, and incredibly sneaky phishing attack. Ahhh, you think you can easily spot one of those when it comes in your email? It’s usually that overconfident attitude that gets people into trouble.
This new phishing attack easily hops from one Gmail account to another by searching through your email inbox and replaces attachments with a new link that looks like it’s from Google, except that it’s not.
The deception here is that the receiver sees a legitimate email from someone already in their Gmail address book, but it’s the attachment that’s been tampered with. Ugh, very sneaky.
The email will come from a familiar address in your contacts, complete with an attachment (an image or link) to click on. Some of these emails are even designed to look like replies to previous emails to your contacts, making it even harder to spot the scam right away.
But once you click on this attachment, you’ll be sent right back to your normal Gmail login page, or at least what appears to be your normal login page. It won’t be the real Google sign-in screen, a simple look at the URL will show more text than Google’s login URL.
But if you are in a hurry, or not checking your emails for validity, it’s would be easy to assume you just have to re-input your login info. The catch here is that very, very seldom will you be redirected back to your login page just to read an email.
And that’s where they get you.
After that login information is entered, the hackers will now have access to your email account through your login password, and all the messages you have stored. And here’s the real nasty part … this little piece of code replicates itself through your email with attachments so if any of those emails are replied to, forwarded, or shared in some way… it’ gets passed on.
So, If you get an email from someone in your Gmail account and it doesn’t seem quite right, take the time to examine it carefully before you click on anything:
In the URL, you can see “data:text/html…..” at the front, which shouldn’t be there. And if you scroll (a lot) past the text in the address bar, eventually you’ll come across even more funky code. At that point, you know it’s bogus.
Don’t even click it out of curiosity, simply delete it because if you carelessly let yourself get infected, then you risk infecting others you care about.
Phishing schemes are getting increasingly sophisticated. As usual, common sense is the best defense. Unfortunately, common sense get’s left behind when we’re in a hurry or we’re not paying attention.
Be Safe – Backup Your Data Regularly!
Tell us what you think in the space below. And please Subscribe (for free) on the right panel to receive our weekly newsletter, along with article updates as soon as they are published.