This just in – a new cyber attack targeting Gmail users has been stealing people’s information all across the USA.
The scam goes like this: you get an email from someone posing as a Google admin, containing an image that looks exactly like the icon for an attached PDF file. It is not a PDF file, though: clicking it redirects you to a fake Google login page that’s almost identical to the real one.
If you do, in fact, fall for the scam, the hackers will immediately have access to your Gmail, and will use it to recover “forgotten passwords” for all of your other Gmail-associated accounts. In a world where everything is more interconnected than ever, this is extremely dangerous.
Fox News reports:
“…the cyber security experts at Wordfence first brought this new scam to light earlier this year. In a nutshell, the scam targets Gmail users who access their email accounts in a web browser.”
“It displays a graphic that looks identical to the graphic Google uses to indicate a PDF or Word document attachment, but it embeds the image in the email body itself. When the user clicks on it, he or she is redirected to a page that looks just like the normal Google login screen.”
“While the look is spot on, the page isn’t actually hosted on Google’s servers. Instead, it’s a recreation of the Google sign-in page that steals a user’s login credentials as he or she inputs a username and password. Those credentials are then used to gain access to the victim’s Gmail account and further spread the scam.”
Here is an example of what the scam looks like, tweeted out by an individual who almost fell prey:
This is the closest I’ve ever come to falling for a Gmail phishing attack. If it hadn’t been for my high-DPI screen making the image fuzzy… pic.twitter.com/MizEWYksBh
— Tom Scott (@tomscott) December 23, 2016
What makes this scam so dangerous is that it looks almost IDENTICAL to Google’s PDF attachments. As victims of this phishing scam are finding out, however, it’s an embedded image that leads to a fake Gmail login page.
You can tell whether the URL is a legitimate, safe Google page by looking at the beginning of the address. It should begin with “https:”, but the scam’s login page begins with “data:text/html”.
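The check described above can be automated. The following is an added example, not code from Wordfence, Google or the original article; it goes slightly beyond the scheme check by also comparing the host. The expected host name and the sample addresses are assumptions constructed for illustration.

```javascript
// Added example: classify the address shown for a "Google sign-in" page.
// EXPECTED_HOST is an assumption of this example, not a value from the article.
const EXPECTED_HOST = "accounts.google.com";

function checkLoginUrl(raw) {
  const text = String(raw).trim();
  let url;
  try {
    url = new URL(text);
  } catch (err) {
    return { ok: false, reason: "unparseable address" };
  }
  // The scheme is whatever precedes the first colon. Text later in the
  // address, even a real-looking https:// string, does not change it.
  if (url.protocol === "data:") {
    return { ok: false, reason: "data: URI, the page content is carried in the address itself" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: `scheme is ${url.protocol} instead of https:` };
  }
  // Compare the parsed host, not a substring of the whole address.
  if (url.hostname !== EXPECTED_HOST) {
    return { ok: false, reason: `host is ${url.hostname}, expected ${EXPECTED_HOST}` };
  }
  return { ok: true, reason: "https scheme and expected host" };
}

// Constructed sample addresses (not captured from the real campaign).
const SAMPLES = [
  "https://accounts.google.com/ServiceLogin?service=mail",
  "data:text/html,https://accounts.google.com/ServiceLogin?service=mail",
  "http://accounts.google.com/ServiceLogin",
  "https://login.example.net/ServiceLogin",
];

for (const sample of SAMPLES) {
  const result = checkLoginUrl(sample);
  console.log(`${result.ok ? "OK    " : "REJECT"} ${sample} (${result.reason})`);
}
```

The second sample is rejected even though it contains a genuine-looking Google address, because the parser reads the scheme from the start of the string.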
Do yourself and everyone else a favor, and SHARE THIS! I’m tired of dishonest, manipulative hackers taking advantage of innocent people, and it’s damn time that their sneaky tactics are exposed.