Gmail phishing alert – attachment links contains script to get credentials

Gmail phishing alert! A new Gmail phishing technique has been discovered. The way the hackers work is by the following steps:

  1. First, you get sent an email to your Gmail account
  2. The email appears to be from someone you know, who’ve had their account hacked with this technique
  3. The email will include an attachement, like an image, where you expect to see the image
  4. However, you will be asked to sign into Gmail again – however, some script is capturing your login details

Quoting Wordfence, who posted a comment from Hacker News:

“The attackers log in to your account immediately once they get the credentials, and they use one of your actual attachments, along with one of your actual subject lines, and send it to people in your contact list.”

The thing to look out for, is when opening the attachement, you get sent to that login page again (step 4 as noted above): the url includes scripting code to capture your Gmail login credentials. Example:
The url contains the script to execute this action. A very sneaky way of getting your login credentials.
The aforementioned Wordfence has a very extensive article on the way the hackers work, how to prevent it from happening to you and more resources.
See their article here for full details, including tips to find out if your Gmail account has been hacked.

Gmail phishing alert: why do phishing emails still work in the year 2017?

In 2014 I wrote about why phishing scams and spam, and why they still work. See Email comic: Why phishing scams and spam still works.
The comic:
gmail phishing alert - dilbert comic
People still get spam, and phishing scams still work as well. The reason why they still is because of the following reasons:

  • Hackers and scammers get more inventive, using trusted sources / names to bypass human spam filters
  • Scripts and other means to get personal info get tucked away better, like in the url as in the above example
  • Many people are still not paying attention when it comes to security: either for their online accounts, for personal info, or with regards to the websites they visit.

By applying some checks before clicking somewhere in an email (or on a website), or filling in personal information, you can prevent your details ending up in the wrong hands. Stay safe people, online too!
[plain_list query_type=”tags” tags=”gmail, security” num=””]


Leave a Reply

Your email address will not be published. Required fields are marked *