Users of Gmail may have to be more careful against a new phishing attack that threatens to steal their Google Account passwords, a security vendor said.
Ironically, Bitdefender said users of Google's Chrome are more vulnerable because the browser may not always display the whole URL in its address bar.
"As Google Chrome doesn’t show the whole string, regular users have a hard time figuring out they are targeted in a phishing attack and may give their data to cyber-criminals," Bitdefender security specialist Bianca Stanescu said in a blog post.
Once hackers gain access to Google accounts, they can "buy apps on Google Play, hijack Google+ accounts and access confidential Google Drive documents," she added.
The scam starts with emails appearing to be sent by Google, with “Mail Notice” or “New Lockout Notice” as a subject.
It claims the recipient's email account "will be locked out in 24 hours” because the user failed to increase his or her email storage quota.
Prospective victims are instructed to "Go to the INSTANT INCREASE to increase your Email storage automatically.” When they click the link, they are brought to a fake Google login web page that asks for their credentials.
"Scammers usually pose as services that contact people by e-mail for announcements or notifications. Google, Facebook, eBay, phone services and financial institutions are among phishers’ favorite disguises to invade inboxes worldwide," Stanescu said. — Joel Locsin/TJD, GMA News
No comments:
Post a Comment