Watch Out for the New Google Mail Phishing Scam


Google recently announced that a new type of phishing scam has been detected.

Love may be in the air, but this is not the season for romance, but the season of being duped by cleverly-designed phishing scams. According to a new report issued by Google, it would seem that a new online bully is around the block, and he’s doing quick work of all those foolish enough to open the door to him.

When you thought that there’s nothing in the world that can make you click a suspicious link, the reality of living in an online world comes smacking you right in the face. According to Google’s statement, the company has recently identified a new type of phishing scam which specifically targets Gmail account owners.

Although it’s not as flashy as those “you have won a prize” malicious ads or as heartbreaking as someone asking for a couple of bucks over the phone to help your imaginary sister who’s just had a terrible accident, the new Gmail phishing is dangerous nonetheless.

So, how does it work and, more importantly, what can we do in order to protect ourselves against it? As we all know, the number one of surfing on the web is never to click suspicious links or pictures or movies.

Now, according to Google, the unsuspecting Google Mail user will receive mail from a person he might or might not know. A quick glance reveals that the mail seems legit and safe to open. Inside the e-mail, the user will find one or more attachments. According to Google, the scam attachments are usually text documents.

Once the user clicks on these attachments, the browser will automatically redirect him or her to a Gmail registration page. Subsequently, the user will be asked to introduce his credential if he wishes to open the attachments.

Well, if you do that, those credentials won’t be yours any longer. Google said that the attachments found in the e-mail are not actually documents, but cleverly-disguised redirect links. Obviously, the page you will be redirected to is not actually Google Mail’s official registration/sign-in page, but a false page made with the purpose of stealing personal data.

According to Google, the bogus e-mails are easy to stop. All you’ve got to do in order to make sure you don’t fall for the phishing scam is to check the links. If the URL looks normal, than it’s ok to click on it. On the other hand, if it’s data URI, you’ve better stay away from it, because it’s most likely a phishing scam.

Image source: Wikipedia