Gmail users have been warned to beware a new online scam which could leave them open to hackers.
Hackers are tricking customers of Google’s email service into clicking on fake links which then let criminals steal their personal information.
Discovered by Mark Maunder, the CEO of WordPress security plugin Wordfence, the attack first sees the hacker send an email appearing to contain a PDF with a familiar file name.
That PDF, however, is actually a cleverly disguised image that, when clicked, launches a new tab that looks like this:
It’s the Gmail sign-in page, right? Not quite. A closer look at the address bar will show you that all is not quite as it seems:
However the page is actually a portal for hackers to steal your email address and password information – giving them full access to your account.
The hackers can then spread their virus even further by sending emails to all of your contacts.
And even worse, if you use the same login details for other websites or accounts, the hackers will be able to gain access to these to. If you’re worried that a phishing email has landed in your inbox, there’s an easy way to make sure you don’t hacked.
The second login page, which opens when you click on the infected link or attachment, will display a web domain a world apart from what it should be.
That’s because the criminals use a tactic called “data URI” (shown above), where a legitimate-looking web address is put in the domain name, but then followed up by a load of white space which hides a malicious link.
The best way to make sure you don’t caught out is to make sure that the domain you use to log in has nothing before the hostname ‘accounts.google.com’ other than ‘https://’ and the green lock symbol.
Source: wordfence.com