Gmail Email Phishing Exploit How to Protect Yourself

posted in: Blog | 0

Maureen McCullough LLC is your local Northern New Jersey marketing agency who cares about your online safety and security. We consider it our duty to at the very least make you aware of scams that can really compromise your identity and much, much more.

In our last blog post we mentioned how hackers and those dubious people with too much time on their hands and bad intentions in their hearts replicate, duplicate or copy websites to look like the real deal, then, steal from you.

Today's article covers a topic of exactly that and then some. A wide spread email / Gmail phishing scam that is gaining in popularity has stolen passwords, logins, credentials, and identities from many people because those individuals clicked on an attachment that brought up a bogus page that looked like the real thing and then worst of all, used their legitimate credentials to log into the bogus site. BAM!!!!

Here is how this scam works. 

You receive an email with an attachment from either someone you know, or maybe don't know. Well obviously if you don't know the sender, you should think twice about opening that attachment.

TIP: What we do, is we call the sender, if they have given us their phone number, and we ask them to fax the attachment to us, especially if it is a new company we've only started dealing with. If we absolutely have no clue who the sender is, the entire email goes out in the trash. But I digress .............

So let's assume you receive an email from someone you know, which contains an attachment. You click on the attachment, expecting your Gmail to give you a preview of the attachment. But instead .........

A new tab opens on your browser and you are weirdly enough being prompted by Gmail to login again. DO NOT CLICK ON THAT LOGIN!!

I know it's a knee jerk reaction to login. However, think what you are doing. If you are already logged in to Gmail, why would you be prompted out of the blue to login yet again????? 

Gmail will always give you a secure, green lock, HTTPS:// domain to login. Gmail will never give you an insecure, no lock HTTP:// domain to login. First clue. 

This attachment opens up to neither a green lock HTTPS:// or an insecure no lock HTTP:// domain. 

Instead in your browser bar you see the following: data:text/html, blah blah blah - what kind of a weird URL is that, pray tell??

Now if you haven't been vigilant and looked at your browser bar, you no doubt have already logged in to that Google copycat website screen that looks so convincingly legitimate. Oooops....................

Our advice, always look at the browser bar as a matter of habit before opening any website. It'll save you alot of grief one day down the road.

Ok so now you are asking, what's the impact?

  • the hacker controls your email
  • hacker can change your password
  • hacker can set filters to delete your incoming emails
  • hacker can disable your authentication settings
  • hacker has immediate access to all your emails and all your contacts
  • hacker pulls a random email attachment of yours, creates a dummy screenshot, a legitimate subject line, and sends it out to your contact list with the phishing link noted above, the weird URL
  • hacker now has the ability to break into all of your accounts online that use your email address, change passwords, and create unbridled havoc and stress in your life

Be smart. ALWAYS observe the browser bar URL. If it doesn't start with HTTPS or HTTP and instead starts with data:text/html,https:// THIS IS NOT A LEGITIMATE domain name. Get out of there, shut it all down, close your browser, clean your cache.

And, may I note, if you are using Outlook or any email service that is stored directly on your computer, they will be able to access all your stored passwords in your browser. It happened to us, in our office, we were demo-ing a new email service and we saw it happen right in front of our eyes. We literally yanked the plug out of the wall. Not kidding. And had that particular computer professionally cleaned before reattaching it to our office network.

Call or text us at 201.753.1677.