There is a highly effective Gmail phishing technique that has long been discovered since last year but has just recently gained popularity due to the growing reports about it. It is stealing log-in credentials and is having a wide impact even among experienced technical users.
About The Phishing Attack
According to an article at Word Fence, the highly effective phishing technique is hitting not only Gmail accounts but other services as well. However, it is currently being used to target Gmail customers and there have been numerous reports already.
It is said that the attack works with an attacker sending an email to your Gmail account and that email may either come from someone you know who has had their account hacked using this technique or may include something that looks like an image of an attachment you recognize from the sender. Upon clicking the image, a new tab opens up and you are prompted by Gmail to sign-in again, which you will also notice at the location bar and see:
data:text/html,https://accounts.google.com/Servicelogin?service=mail
Once you signed in, your Gmail account has been compromised, giving the attacker full access. After that, the attacker will quickly log in to your account, because researchers suspect that it may be automated or they may have a team on standby 24/7 to process accounts once they are compromised.
Having your account hacked is quite dangerous. The hackers have full access to all your emails, including sent and received, and may download the whole lot. Furthermore, they could also compromise a wide variety of other services that you use by the password reset mechanism including other email accounts and many more.
How To Protect Yourself From The Phishing Attack
First is to check the location bar. If you do so see this line:
data:text/html,https://accounts.google.com/Servicelogin?service=mail
Click it and do some further inspection which you will notice is that it's a very long string of text. Compared to the safe one, the line should be like this:
https://account.google.com/ServiceLogin?elo=1
However, if you are still in doubt, you can also do the second step, which is "enable two-factor authentication." Enabling the two-factor authentication makes it more difficult for an attacker to sign in into a service that you use, even if they manage to steal your password using the phishing technique.
