Cybercriminals use different ways of scams to steal our personal information and money. Malware, ransomware, and phishing are only a few of the attack that they may perform. They usually make small mistakes that help us detect their scams. However, they created a highly effective phishing scam affecting Gmail accounts and it is really difficult to detect.
So, what does this attack consist of? People are receiving emails from people in their contact lists whose Gmail accounts have already been hacked? The people affected are more likely to be convinced since the scammer has already searched the message history and has chosen an already familiar topic.
The fake email contains a PDF attachment that is actually a malicious link. This will open in a new tab and will ask you to sign in to your Gmail account again. However, there is a way to spot the scam. If this happens to you, pay attention to the location bar when you click on the link. It contains the expected accounts.google.com/ServiceLogin, but there are items before https: that should not be there. If you see data:text/html, then you should know that it is a fake link.
The trick is even bigger since the fake page displays a sign-in screen that looks identical to the official one. If you fail to notice the peculiarities and you sign in on the fake page, the hacker gets your credentials and your account is compromised.
Here are a few tips on how to avoid phishing scams. Firstly, you can check if your email account has been hacked by using the Have I Been Pwned website. Don’t click on links that you find suspicious. Better type the link directly into the address box or hover with your mouse over the link you have just received to see where it may take you.
You can also search online if a notification you received looks weird. If it is a scam, other people must have been affected by it and, as a consequence, complained online and warned other people about the threat. Do not forget to look for typos. Phishing scams are well known for the fact that they contain typos. If the scam is disguised as an official email, it should not contain typos.
Lastly, some of the main prevention means that you can use include using a security question when logging in and using security software on your devices. Be careful what files you receive and what you click on and make sure you will not get hacked.
Image Source: Flickr
The post Gmail Users Get Fooled by Effective Phishing Scam appeared first on Trinity News Daily.