Gmail-phishing-campaign-2fa-
Be careful when opening PDFs and images in Gmail. Image: TheUSBport.

A new phishing technique engineered specifically to work with Gmail is the subject of recent concern for many cyber security outlets, including Wordfence, WordPress’ digital safety blog. They were the first to report on this threat.

Most news outlets report the tactic is highly efficient and even tech-savvy users are likely to fall for it.

The scam can even affect users who have enabled two-factor authentication in Gmail, some sources note.

However, most blogs report that having this feature on at all times is still the best defense against these threats. Google has not released any official statements on the matter.

How the Gmail phishing scam works

According to Wordfence, it starts with a simple email, most likely from a friend of acquaintance that’s been hacked previously, which makes people more likely to open it.

The email contains an attachment that looks like the standard PDF image or document in Gmail. However, if a user clicks it, it takes them to a new tab with a fake address designed to look like Google’s HTTP secure websites (https).

The https signature can be enough to deceive some users into logging in with their password because the fake site looks like a regular Google Accounts ‘Sign In’ page.

The phishing scam might get through regular SMS codes

A small number of victims, according to some sources, have reported the fraud also includes a two-factor authentication code input to deceive users who have enabled extra security.

Two-factor ID, or 2FA, requires users to give another credential to log in to their accounts. Usually an SMS from Google with a unique code for each login. Mark Maunder, from Wordfence, did not confirm this supplementary threat in his initial report.

Security experts do agree that bypassing 2FA security would require hackers to work in real-time before the codes expire, which makes it highly unlikely.

How to protect yourself from this scams

The best way to avoid giving up your information is to keep Gmail up to date with both a phone number and a recovery email. Also, users should consider enabling 2FA. Google calls it ‘two-step verification.’

Concerned Gmail customers might also want to check the address bar for the green-coloured ‘https’ signature. If the address bar is not green but regular black-and-white, something might be wrong with it.

A third security measure is to confirm with friends and acquaintances before opening unwanted files, even if they come from a trusted source. This step might be problematic, but it helps to discover most threats.

Source: Tech Target / WordFence