Web Exclusive

New Phishing Scam Targets Gmail Users

Ah, the internet. It’s given us so much. Fingertip access to unfathomably deep repositories of information. Even more important: Hilarious memes of grumpy cats. While such positives score substantial points in the internet’s favor, the ol’ information superhighway certainly has some huge checks against it. Namely, it has made us vulnerable like never before to a new breed of criminals – tech-savvy hackers who can fleece us from half a world away.

Case in point: A wickedly deceptive new phishing scam targeting Gmail accounts.

The perpetrators certainly put their evil genius caps on for this one, aiming to steal Gmail usernames and passwords – and whatever else they can through access to your Gmail. The fraud begins with an email in your inbox that appears to have been sent by someone you know. Typically, the message will include an image that you recognize from the sender. Not thinking twice, you click on the image, launching a fresh tab in which you are prompted to sign back in to your account. You sign in again, and just like that, the hackers are inside your Gmail, stealthy as a by-night assassin. Once in your account, the web pirates plunder real pictures and subject lines, which they then send to unwitting folks in your contact list, aiming to snare them as well.

Fortunately, PC Mag reports that there is a tell that can tip you off that you’re about to become the victim of a cyberattack. In your location bar, a legitimate Gmail address would start by reading https://accounts.google.com... However, in the phishing scam, the location bar address will additionally include “data:text/html” in front of the https://accounts.google.com. So if you see that extra text, quickly close out the tab and count yourself lucky: You just kept yourself off the hacker’s hook.  

The PC Mag article has more extensive details on the scam. Check it out.