Your Gmail account may be in danger; take steps to secure your account

by | Jan 17, 2017

Internet fraud, such as phishing, has been on the rise as cybercriminals discover new ways to deceive users. Phishing is an attempt to obtain sensitive information such as passwords, credit card details or username for mischievous reasons by disguising as a trustworthy entity in electronic communication.

Security experts have revealed that Gmail users are a target of a new phishing campaign that can outsmart even experienced tech users. Cybercriminals use specially created URLs to trick  people into entering their Gmail credentials on a phishing website. Once a victim submits a password, the attacker logs into the victim’s Gmail account and starts gathering information in preparation for a secondary attack targeted at contacts of the victim..

Asides gathering contact email addresses of the victims, the attackers also scan for attachments and appropriate subject lines from previously sent emails. So the phishing email, which contains a message and a thumb-nailed version of an attachment, appears to be sent from someone the victims actually know.

When this attachment is clicked a convincing Gmail login box is opened, however this is a trap. A full web page worth of code is entered into the browser’s address bar when the attachment is clicked. With the rest of this code carefully hidden by whitespaces, all the victim sees is the very beginning and the “https://accounts.google.com” may cause many to let their guard down.

phising adress bar

The phishing URL

Experts are unsure of the exact mechanism of the attack, but it is suspected that these criminals either have an active team ready to act on compromised accounts or they employ some advanced automation feature in their code.

How to protect yourself from these attacks

These carefully planned attacks can be easily overcome if you enable two-factor authentication in Gmail. Attackers cannot gain access to your account without access to this second factor which may be your phone or a USB cryptographic key.

If you fear that you may already be a victim of the scam, you should first change the password of your Gmail account then get rid of any current sessions on your Gmail account activity page that you consider suspicious.

Onyinye Uche
Onyinye Uche

Writer. Interested in EdTech and tech careers


Are you in tech and you are looking at getting a foreign remote job or you want to move abroad? Fill this form and you will get the BEST resources to help you get that high paying remote job as well as japa easily! WAGMI!

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

TABS is tomorrow! 💃 💃

TABS is tomorrow! 💃 💃

On #TechpointDigest, we discuss Victory Farms’ $5m investment, Netflix for kids and people with disabilities, and TikTok’s plan to credit creators.

TikTok on a “Branded Mission”

TikTok on a “Branded Mission”

On #TechpointDigest, we discuss Autochek’s new acquisition, TikTok’s Branded Mission, Bamba’s $3.2 million seed, and Jumia’s report for Q1 2022.

[PODCAST] Tax evasion in Nigeria to get harder

[PODCAST] Tax evasion in Nigeria to get harder

Using data mining and machine learning, Nigeria’s Federal Inland Revenue Service plans to make it harder to evade taxes. Listen to today’s episode of #TechpointAfricaPodcast to learn how it plans to do that.

Subscribe to Techpoint Digest!

A daily 5-minute roundup of happenings in African and global tech, sent directly to your email inbox, between 5 a.m. and 7 a.m (WAT) every week day!

Please check your email to confirm your subscription.

Subscribe to Blockchain Explorer

Analysis oninnovation, regulations, and trends inthe blockchain sector, as it concerns Africa

Please check your email to confirm your subscription.

Subscribe to The Experts

A bi-weekly where tech career specialists take us on their journey from newbie to expert, and how they became successful in the industry.

Please check your email to confirm your subscription.

Subscribe to Founder's Table

A monthly series, where we catch up with founders in the startup ecosystem, learn about their failures, successes and a few tricks of the trade

Please check your email to confirm your subscription.

Copy link
Powered by Social Snap