We’ve all been there at some point or another: your account has been compromised.
Phishing attacks are getting even more clever now, disguising themselves as what seems to look like a legitimate link to the average person.
The latest Gmail phishing exploit specifically targets Gmail customers and other services.
The attack works like this:
2. Once you click on the image though, instead of getting a preview, a new tab will open up and the window will ask you to sign into Gmail again. If you look at the URL bar, it will look like this:
And sadly, the page looks just like a Gmail account sign-in (see example on the right).
3. Once sign-in is completed, your account has been compromised. And once they have access to your account, they also have access to emails sent and received, controlling your email address.
Protect yourself from this phishing attack and others by always checking the legitimacy of links you’re clicking. If you’re suspicious, take a look at the URL for any odd prefixes.
Legitimate, safe URL
Phishing / Attack URL Examples
If you’re concerned your account has been compromised, visit this Google support page to see if someone else has been signing into your account: https://support.google.com/mail/answer/45938?hl=en
Help protect yourself and others by spreading the word about this Gmail phishing exploit.