Dangerous IT Security Issue On The Loose

January 18th, 2017 News
Dangerous IT Security Issue On The Loose

Do you use Gmail to manage your accounts? Don’t fall prey to the latest phishing scam, which compromises IT security for your entire business.

Even if you’re a seasoned IT professional, you may be susceptible to this Gmail phishing technique, which uses authentic copy from a trusted source to gain access to your Google account.

Once the attacker gets access to your account, they may access any software-as-a-service (SAAS) accounts or any business logins by attempting to reset the password using your email as verification.

How does this phishing scam work?

Here’s what you need to know about this latest phishing scam:

  1. This phishing scam specifically targets Gmail users
  2. The attacker sends an email to your account from someone in your contact list, who has already been hacked. The email uses one of the subject lines that your contact has written in the past.
  3. The phishing email includes an image that looks like an actual attachment from your contact, because the hacker has access to the documents that your contact actually prepares through Google.
  4. If you attempt to click on the attachment, you will be led to a Google Verification screen with a URL similar to “data:text/html,https://accounts.google.com/ServiceLogin?”
  5. You are on a fake, fully-functional login page. The second you enter your login credentials, the attacker will hijack your account.

Once your account is compromised, the attacker will use one of your actual attachments, with an actual subject line to match, to send to your contacts and hijack their accounts as well.

When a hacker has complete access to your email, they may choose to log in to any online service you have signed up with through Gmail. They may simply choose to reset the password, using your email address as verification.

Not only does this phishing scam compromise your email account, but all your contacts will be potential victims as well.

How do you protect yourself?

It is important to note that this scam is rather well thought-out, and the URL and login page mimics the actual screens you would see when attempting to log into Google.

Here are a couple safeguards you can take to protect yourself from this type of phishing:

  1. Verify the protocol, then verify the hostname URL you’re led to.
  2. Make sure there is nothing between the hostname “accounts.google.com,” other than the green lock symbol and “https”
  3. For proactive protection, enable two-factor authentication on your Google Account to guard against hackers in advance.
    1. If you are unaware of how to set up two-factor authentication, please contact our IT support team and we would be happy to help
  4. If you believe that your account may already be compromised, change your password immediately.

We hope that you’ll be able to steer clear of a potential disaster with the above IT security tips.

Please share this blog post to protect your friends, family and coworkers as anyone is susceptible to this new phishing scam. This scam has been around for nearly a year, and is increasingly gaining traction.

For proactive IT security and the most up-to-date knowledge of phishing scams and hacking trends, Quicktech is here to protect your business. Learn more about our managed IT services.