January 20, 2017

Recent Gmail Phishing Scam – Are You At Risk?

Google has acknowledged a phishing scam targeting Gmail and other e-mail services that tricks recipients into handing over personal data, including their login credentials. Although the phishing technique has reportedly been around for several months, it only received wide attention when a cybersecurity website published an alert.

What You Need To Know About the Phishing Scam

The attack begins with an e-mail to your Gmail account. It may well come from a contact you know, because that contact's account may already have been taken over by the same scam. The e-mail carries what looks like an attached file, such as an image.

Usually, when you click on an image attachment, Gmail shows you a preview of it. Clicking on this “image” instead opens a new tab that asks you to sign in to your Gmail account again. The URL bar will look something like this:

Once you complete the sign-in, your account is compromised. The attackers have full access to your contact list and send the same message to your contacts. With your login credentials in hand, they can also use the password reset mechanism on your other e-mail accounts or on the SaaS services you use. The scam is reported to have a very high success rate.

A Google official has recently stated: “We’re aware of this issue and continue to strengthen our defences against it. We help protect users from phishing attacks in a variety of ways, including: machine learning based detection of phishing messages, Safe Browsing warnings that notify users of dangerous links in emails and browsers, preventing suspicious account sign-ins, and more.”

How You Can Protect Yourself

Whenever you sign in to any service, check the URL bar: verify both the protocol and the hostname. It should look like this when you sign in to Gmail or Google using the Chrome browser:

If the ‘https://’ is shown in green, that is a good sign. Also make sure that there is nothing before the hostname ‘’. Notice how in the previous image there is ‘data:text/html’ before the hostname: the sign-in page is not being served by Google at all, but is rendered by the browser from content embedded in the address itself. Another way to protect your account against such phishing scams is to enable two-factor authentication. This makes it much harder for attackers to sign in to your account even if they steal your password. Here is how two-factor authentication works.
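The check described above, done with a URL parser instead of by eye, as an added example that is not part of the original post. It uses the WHATWG URL parser that ships with Node.js and modern browsers, so a data: address and a genuine https: address are told apart by their parsed protocol and hostname rather than by the text they happen to contain. It goes slightly beyond the scam in the article and also rejects two other lookalikes that pass a casual glance: a hostname that merely begins with accounts.google.com, and a URL that puts accounts.google.com in the userinfo part before an @. The sample addresses, the trusted-host list and the function names are constructed for this example.

```javascript
// Added example, not code from the original post. Decides whether an address
// bar value is a genuine Google sign-in page by trusting the parsed protocol
// and hostname only. The trusted-host set is an assumption for the example.
const TRUSTED_LOGIN_HOSTS = new Set(['accounts.google.com']);

function checkSignInUrl(input) {
  let url;
  try {
    url = new URL(input.trim());
  } catch (e) {
    return { ok: false, reason: 'not a parseable URL' };
  }

  // The scam described in the article: the bar starts with "data:text/html,"
  // and the "https://accounts.google.com/..." after it is just text inside
  // the data URL, not a host the browser connected to.
  if (url.protocol === 'data:') {
    return { ok: false, reason: 'data: URL, nothing was fetched from Google' };
  }
  if (url.protocol !== 'https:') {
    return { ok: false, reason: 'scheme is ' + url.protocol + ', not https:' };
  }
  // "https://accounts.google.com@evil.example/": the part before @ is userinfo
  // and the browser actually talks to the host after it.
  if (url.username !== '' || url.password !== '') {
    return { ok: false, reason: 'URL carries userinfo; real host is ' + url.hostname };
  }
  // Exact match, so "accounts.google.com.evil.example" does not pass.
  if (!TRUSTED_LOGIN_HOSTS.has(url.hostname)) {
    return { ok: false, reason: 'hostname is ' + url.hostname };
  }
  return { ok: true, reason: 'https and trusted hostname' };
}

// Constructed sample addresses. "scam" imitates the address bar the article
// describes: a data: URL whose body starts with a plausible sign-in URL and is
// padded with whitespace so the real payload sits out of view.
const SAMPLES = {
  scam: 'data:text/html,https://accounts.google.com/ServiceLogin?service=mail' +
        ' '.repeat(200) + '<script>/* phishing page would be here */</script>',
  lookalikeSubdomain: 'https://accounts.google.com.login-check.example/ServiceLogin',
  userinfoTrick: 'https://accounts.google.com@login-check.example/ServiceLogin',
  plainHttp: 'http://accounts.google.com/ServiceLogin',
  genuine: 'https://accounts.google.com/ServiceLogin?service=mail',
};

// Returns { sampleName: ok } for every sample so the results can be inspected.
function checkAllSamples() {
  const results = {};
  for (const [name, address] of Object.entries(SAMPLES)) {
    results[name] = checkSignInUrl(address).ok;
  }
  return results;
}

for (const [name, address] of Object.entries(SAMPLES)) {
  const verdict = checkSignInUrl(address);
  console.log(name.padEnd(20), verdict.ok ? 'OK   ' : 'REJECT', verdict.reason);
}
```

Only the genuine sample passes. The point of the data: case is that `url.hostname` comes back empty: the browser never resolved accounts.google.com, so a green padlock or a familiar-looking string further along the bar means nothing.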

How To Check If Your Account is Already Compromised

Although there is no sure way to check whether your account has already been compromised, it is best to verify your login activity by visiting You can then see whether someone else has recently signed in to your account. If you are not sure whether your account has been hacked, change your password immediately. It is recommended to do so every few months.
