Skip to main content
  1. Home
  2. Computing
  3. News

New phishing scam has high success rate against tech-savvy Gmail users

By

gmail app
Image used with permission by copyright holder
Time to change your passwords, again. Well, if you’re a Gmail user anyway. A new phishing scheme, targeting Gmail users, aims to use your contact list against you by putting together a legitimate-sounding email from the contents of your inbox in an effort to compromise the accounts of your friends, family, and co-workers.

It sounds complicated, but the sophisticated attack is deceptively simple. Let’s start at the top. Just like any other phishing attempt, you’ll receive an email in your inbox, but it will look like it’s from one of your contacts — it will have details that other phishing emails don’t.

Recommended Videos

Instead of hawking male enhancement pills or fake package delivery notifications, this one will be from a friend or family member, it’ll include a plausible subject line and may include an attachment from that contact’s email box.

Related

Clicking the attachment, which may be an image, will take you to what appears to be a Gmail login page. You input your information, and your account is immediately compromised. The scammers will then use your email address to try and hook another victim from your contact list, using the same technique.

Why is this phishing scam a bigger deal than the others currently out there? Well, Wordfence points out that it’s been around for about a year, but lately, experienced, tech-savvy users have been falling prey to this attack. Because it’s so custom-tailored, and because it’s a bit more subtle than other phishing attempts, it’s a tough one to spot.

After all, Gmail does a pretty good job of diverting dangerous emails from your inbox, but these ones come from your contacts, people who you likely know or work with, so they’re able to bypass standard spam protections.

Luckily, there are some surefire protections you can use. First, as is always a good idea, change your password, and enable two-step verification. Now would be a good time to start using a password manager like LastPass.

Now on to the actual phishing scam itself. If you click any link or attachment in an email and Gmail prompts you to re-enter your credentials, stop, and double-check your URL or address bar.

The beginning portion of the URL should read “https://accounts.google.com” but if it reads “data:text/html” before the HTTP portion of the URL, do not enter your credentials. Close the site, clear your cache, report the email, and change your password just to make sure.

Editors’ Recommendations

Topics
Jayce Wagner
Jayce Wagner
Former Digital Trends Contributor
A staff writer for the Computing section, Jayce covers a little bit of everything -- hardware, gaming, and occasionally VR.
Google reportedly working on new Gmail logo, suggesting upcoming changes
Gmail app icon.

Google is reportedly working on a new logo for Gmail, which likely means that a major overhaul for the email service is on its way.

Google sent an image to 9to5Google that offers a glimpse at the new Gmail logo, which appears to still be under construction.

Read more
Google blocking 18 million scam emails related to coronavirus daily
Gmail app icon.

It’s not just the coronavirus that's creating havoc. Related scams and malware are causing trouble, too, with cybercriminals seemingly intent on taking advantage of what is already a dire situation for many folks.

Highlighting the extent of the problem, Google has revealed that on each day over the past week, its Gmail-linked computer systems detected -- and blocked -- 18 million malware and phishing emails related to the coronavirus, also known as COVID-19.

Read more
Nvidia RTX 50-series GPUs: everything we know so far
RTX 4070 seen from the side.

Nvidia already makes some of the best graphics cards, but it's also not resting on its laurels. The RTX 40-series, which has been bolstered by a refresh, is now almost two years old, and Nvidia is hard at work on the next generation of GPUs.

The release date of RTX 50-series GPUs is still at least a couple of months away, but various rumors and leaks give us a better idea of what to expect. Here's everything we know about Nvidia's upcoming generation of graphics cards.
RTX 50-series: pricing and release date

Read more