Monday, 08 May 2017 09:01

Massive phishing attack targets millions of Gmail users

By: 
An unusually sophisticated identity phishing campaign appeared to target Google's roughly 1 billion Gmail users worldwide, seeking to gain control of their entire email histories and spread itself to all of their contacts, Google confirmed Wednesday.
 
The worm — which arrived in users' inboxes posing as an email from a trusted contact — asked users to check out an attached "Google Docs," or GDocs, file. Clicking on the link took them to a real Google security page, where users were asked to give permission for the fake app, posing as GDocs, to manage users' email account.
 
 
 
To make matters worse, the worm also sent itself out to all of the affected users' contacts — Gmail or otherwise — reproducing itself hundreds of times any time a single user fell for it.
Screenshot 3 
The strategy is a common one, but the worm that was released Wednesday caused havoc for millions of users because of its unusually sophisticated construction: Not only did the malicious link look remarkably realistic and trustworthy, but the email that delivered it also appeared to come from someone users already know — and the payload manipulated Google's real login system.
 
 
Google said it had "disabled" the malicious accounts and pushed updates to all users. The vulnerability was exposed for only about one hour, and a spokesperson told NBC News on Wednesday night that it affected "fewer than 0.1 percent of Gmail users" — which would still be about 1 million.
 
"While contact information was accessed and used by the campaign, our investigations show that no other data was exposed," the spokesperson said.
 
It could have been a potential calamity for unsuspecting victims: With control of your Gmail account, scammers can harvest any personal data you've ever sent or received in an email. That can allow them to generate password-reset requests on scores of other services, potentially letting the hackers take over, for example, your Amazon, Facebook or online bank accounts.
View image on Twitter
View image on Twitter
Phishing (or malware) Google Doc links that appear to come from people you may know are going around. DELETE THE EMAIL. DON'T CLICK. 
 
Employees and others connected to large companies, especially educational institutions and journalism organizations, began flooding social media about 2:30 p.m. ET reporting that they'd received the malicious email.
 
 
Employees and others connected to large companies, especially educational institutions and journalism organizations, began flooding social media about 2:30 p.m. ET reporting that they'd received the malicious email.
View image on Twitter
 
View image on Twitter
Be careful, Twitter people with Gmail accounts! Do not click on the "doc share" box. It's a solid attempt at phishing. 

What you can do

While the malicious email was a dead ringer for a real message from a trusted friend, there was one key giveaway: The mail was sent to a fake email address in the main recipient field — This email address is being protected from spambots. You need JavaScript enabled to view it.. Users' addresses were included in the BCC field.
 
If you received a Gmail message with the mailinator.com address as the main recipient, report it as phishing by clicking the down arrow beside the reply button and selecting "Report phishing." Then delete it.
 
If you do click on the malicious link, don't grant permission when the fake GDocs app asks for it.
 
If, unfortunately, you fell for the scam and granted permission to the hackers, go to your Google connected sites console and immediately revoke access to "Google Docs." (If you don't trust the embedded link here — which is generally a good thing — you can manually type the address into your browser: https://myaccount.google.com/security?pli=1#connectedapps)
 
While you're at it, it's a good idea to revoke permission for any app listed there that you don't recognize.
 
Finally, change your Google password.
 
Source : This article was published in cnbc.com By Alex Johnson

Leave a comment

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.
Please wait

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Newsletter Subscription

Receive Great tips via email, enter your email to Subscribe.
Please wait

Follow Us on Social Media

Book Your Seat for Webinar GET FREE REGISTRATION FOR MEMBERS ONLY      Register Now