Phishing

New Phishing Attack Targets Gmail Users

PhishingIncreased awareness is taking place concerning a phishing attack. It has been around for over a year and is targeting Gmail users. Inboxes are being infiltrated by hackers, which is allowing these cyber criminals access to both incoming and outgoing email messages. That in and of itself isn’t the shocker. What is more surprising is what happens next. Hackers look for emails that have links attached and replace them with a Gmail login screen that is malicious. Once the user clicks on the attachment, they will see a Gmail login screen prompting the login and password for that account. Once this happens, the hackers have instant access to sensitive login information, making it easy for them to see a whole new inbox to start the process over from.

Here’s how it works…

Let’s say someone sends you an email that has a Word document attached to it. That email is sent from their Gmail account to your Gmail account. Your account becomes hacked, which opens it up to cyber criminals who can get in and put that malicious Gmail login screen in place of the attached Word document. Now when you click on that attachment, you follow the prompts to sign into your Gmail account. Instead of opening the document as you thought it would, it gives hackers full access to your password so they can get into your account. They grab more email addresses from your list and repeat the cycle.

Phishing Attacks

Phishing attacks take place when malicious links, malware or attachments sent by hackers infect your account through the emails they send. They are certainly nothing new, but they are always changing and evolving, becoming more sophisticated and tough to catch.

This Gmail attack is a great example of that. Usually there are several red flags associated with a phishing attack that make it easy to avoid being infected. But with this attack, it comes from an email thread that seems familiar and trusted. You usually don’t know the sender, whereas in this Gmail attack, you most likely do know the sender. It’s easy to suspect a hacker when you see urgent messages in your email, telling you to please open immediately. It could be under the guise of overdue bills, an invoice that has a mistake, package tracking info, etc. Because it is coming from a trusted source, you click on the malicious attachment, giving the hackers the info they are looking for. One tip is to watch out for spelling and grammar mistakes. The hackers are counting on the fact that you won’t think twice about it if it’s coming from an email you already deem safe. If you see spelling errors, be careful about what you click on. Also, be wary of any screen prompting you to log into your account when you’re already logged in! Many people miss the small but obvious signs of a phishing attack.

Stay safe online with more tips from Tech Sentries! Call us at 843-282-2222.

Spear Phishing

 

We’ve warned our readers in the past about cyber attacks identified as phishing. Yes, phishing is dangerous for unaware phish. We don’t want that phish to be you. Now the problem is more dangerous. Phishing has escalated to the even more pernicious spear phishing.

Phishing Reviewed

·       You receive a message inviting you to access a website or other online document.

·       You (the phish) bite by clicking on an “Open in Docs” button. Sometimes the message seems to be too good to pass up. Even if it doesn’t appear that good, it just looks so real.

·       Once you bite, the hook is set and the phisher uses your contact list to infect the people and businesses on it.

Digital phishing works randomly, just like regular fishing. The phisher casts his line to where the phish are gathered, hoping that one bites.

Spear Phishing Is Targeted

There’s a reason we call it spear phishing: because it is just like spearfishing. The phisher has a specific phish in his crosshairs. Instead of waiting for a random fish to take the bait, the spear phisher has his eye on you or your business, and he is ready to stick it to you.

The spear-phishing cyber attacker already knows your name and enough readily available information about you to get your attention. The method of attraction is much more subtle and sinister. Using your known information, the attack typically comes cleverly disguised as a message from someone you know or some company you do business with and trust. Only it’s not.

If it weren’t for the phishing phrase already in use, we might be describing these attacks as wolves in sheep’s clothing. Your cyber attacker presents him or herself as innocuous and trustworthy.

Fear the Spear

The best way to avoid being spear phished is by exercising an abundance of caution. Be wary of invitations, offers, and surveys that might even possibly be cyber attacks. Even more important is ensuring that your technology is protected. Caution is good, but it now takes security technology to best guard your technology and to keep your computers free of spyware, malware, phishing, and other attacks.

Tech Sentries works diligently to keep you aware of potential dangers and how to take a few, common-sense steps to Guard Your Technology and to ensure the safety of your data and devices.

We are as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).