Email phishing scam affecting Office 365 users, Gmail users and others
Several weeks on and people are still being caught out by this one. Computer security starts with the operator, you need to read this and understand what is happening to give yourself the best chance of avoiding becoming the next victim.
Re-blogged from http://fortune.com/2017/01/18/google-gmail-scam-phishing/
Everyone Is Falling For This Frighteningly Effective Gmail Scam
Security researchers have identified a “highly effective” phishing scam that’s been fooling Google Gmail customers into divulging their login credentials. The scheme, which has been gaining popularity in the past few months and has reportedly been hitting other email services, involves a clever trick that can be difficult to detect.
Researchers at WordFence, a team that makes a popular security tool for the blog site WordPress, warned of the attack in a recent blog post, noting that it has been “having a wide impact, even on experienced technical users.” (See these people, whose accounts were targeted.)
Here’s how the swindle works. The attacker, usually disguised as a trusted contact, sends a boobytrapped email to a prospective victim. Affixed to that email, there appears to be a regular attachment, say a PDF document. Nothing seemingly out of the ordinary.
But the attachment is actually an embedded image that has been crafted to look like a PDF. Rather than reveal a preview of the document when clicked, that embedded image links out to a fake Google login page. And this is where the scam gets really devious.
Everything about this sign-in page looks authentic: the Google logo, the username and password entry fields, the tagline (“One account. All of Google.”). By all indications, the page is a facsimile of the real thing. Except for one clue: the browser’s address bar.
Even there, it can be easy to miss the cue. The text still includes the “https://accounts.google.com,” a URL that seems legitimate. There’s a problem though; that URL is preceded by the prefix “data:text/html.”
In fact, the text in the address bar is what’s known as a “data URI,” not a URL. A data URI embeds a file, whereas a URL identifies a page’s location on the web. If you were were to zoom out on the address bar, you would find a long string of characters, a script that serves up a file designed to look like a Gmail login page. This is the trap.
As soon as a person enters her username and password into the fields, the attackers capture the information. To make matters worse, once they gain access to a person’s inbox, they immediately reconnoiter the compromised account and prepare to launch their next bombardment. They find past emails and attachments, create boobytrapped-image versions, drum up believable subject lines, and then target the person’s contacts.
And so the vicious cycle of hijackings continues.
Google Chrome users can protect themselves by checking the address bar and making sure a green lock symbol appears before entering their personal information into a site. Because scammers have been known to create HTTPS-protected phishing sites, which also display a green lock, it’s also important to make sure this appears alongside a proper, intended URL—without any funny business preceding it.
In addition, people should add two-step authentication, an added layer of security that can help prevent account takeovers. Experts recommend using a dedicated security token as well.
A Google spokesperson acknowledged the scam in an email and directed Fortune to a statement:
We’re aware of this issue and continue to strengthen our defenses against it. We help protect users from phishing attacks in a variety of ways, including: machine learning based detection of phishing messages, Safe Browsing warnings that notify users of dangerous links in emails and browsers, preventing suspicious account sign-ins, and more. Users can also activate two-step verification for additional account protection.
Be on the lookout.
Re-blogged from http://fortune.com/2017/01/18/google-gmail-scam-phishing/
Our Services
Our fixed price Managed IT Support Programs will increase your businesses competitiveness and efficiency with our I.T. Professionals on call for you 24/7.
Class leading response times ensure your that when things do go wrong we’ll be there in a hurry so you can get on with doing what your business does best.
Testimonials
They’ve gotten to know our business so well and they’re truly interested in helping us. It’s like having our own I.T. Department in-house. Australia Wide I.T. takes a personal interest in our team, our business and where we’re going. They’re like family.
Other I.T. companies just didn’t seem to have the same depth of knowledge as these guys. Rather than blame the user (us) they go the extra mile, locate the problem and fix it – Every time!
Coral
A very big thank you from me to all of the guys there….You make things so easy for us and are always available to help.
A massive shout out to the Nash though for fixing our printer – you nailed it Nash and not only changed MY life, but also helped to save some trees in the Amazon Forest!
Thanks to you all.
Jo
All good as usual, keep up the professional service.
Diana
Very much appreciate your very quick response today. It was pay day today and I was a bit worried (that we wouldn’t be able to process the pays) but because of you all is well, so a big thanks.
Dale
Our previous I.T. Service Provider was distant, hard to contact and not customer focused. With Australia Wide I.T. we now have great service with a human touch. Our calls are answered promptly and the team is always ready to help in any way.
The maintenance program put in place by AWIT offers us peace of mind that our entire system is correctly and closely monitored.
Monica
Thanks for all your help today. Your patience & tenacity for solving the problem is greatly appreciated.
Jacinta
Your work last week was amazing. You couldn’t have been more supportive or expert in your conduct. I am very grateful and am amazed at your generous invoicing of last week’s work. I can only repay you by recommending you to as many people as possible.
Thank you. It is refreshing to know that when a problem occurs, you are always there – with great service.
Keran
We would recommend you to anyone, anytime.
Thank you all so very, very much for all your support. Not to mention bringing back my files to my Company. I cannot thank you guys enough.
Thanks again.
Leigh
Attentive and thorough, Australia Wide I.T. get onto any of our I.T. problems quickly – with prompt, friendly and efficient service. Whenever we need to upgrade, we know we can trust their knowledge in supplying flawless new equipment that always works both physically, and to suit our needs.
Alison
My business has grown from 3 stores to 5 stores over the last 3 years; one of the unfortunate consequences of this has been the fact that our old server and network could not cope with the growth. After much deliberation we chose Australia Wide I.T. to not only arrange the supply and installation of our new network, but to also provide long term support. We have been very pleased with our decision and would happily recommend them.
Bruce