New Gmail Phishing Technique Can Fool Professionals
Basically, an actor compromises a Gmail account, either through hacking or phishing. However, instead of doing damage to that account, the actor harvests email addresses as well as emails. Here is where it gets interesting. They then look for emails that may have an attachment or an image. The actor resends that email to the intended victim from the account that he/she first compromised, but the image or attachment has been replaced with a malicious link/program. So, bottom line, the email comes from an individual you have been corresponding with. It is an actual email from the discussion you were having with the individual, but the individual did not send it. Thinking that it is legitimate because it is just the next email in your conversation, you click the link, image or attachment: game over!
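The replay pattern just described, as an added example that is not part of the original post: a heuristic scan over a conversation that flags a message repeating an earlier one from the same sender with its attachment gone and a new link in its place. The `Message` records and the sample thread are constructed for this illustration.

```python
import re
from dataclasses import dataclass, field

LINK_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)
PREFIX_RE = re.compile(r"^\s*(?:re|fwd?)\s*:\s*", re.IGNORECASE)

@dataclass
class Message:  # minimal stand-in for a parsed mail item (constructed)
    msg_id: str
    sender: str
    subject: str
    body: str
    attachments: list = field(default_factory=list)

def norm_subject(subject: str) -> str:
    # Drop reply/forward prefixes so "Re: Q3 report" matches "Q3 report".
    return PREFIX_RE.sub("", subject).strip().lower()

def norm_body(body: str) -> str:
    # Remove URLs and collapse whitespace so only the human-written text remains.
    return re.sub(r"\s+", " ", LINK_RE.sub("", body)).strip()

def is_replay_with_swap(earlier: Message, later: Message) -> bool:
    """True when `later` repeats `earlier` from the same sender, but the
    original attachment is gone and a link not present before has appeared."""
    same_context = (earlier.sender == later.sender
                    and norm_subject(earlier.subject) == norm_subject(later.subject)
                    and norm_body(earlier.body) == norm_body(later.body))
    lost_attachment = bool(earlier.attachments) and not later.attachments
    new_links = set(LINK_RE.findall(later.body)) - set(LINK_RE.findall(earlier.body))
    return same_context and lost_attachment and bool(new_links)

def flag_thread(messages: list) -> list:
    """Scan a conversation in arrival order; return (suspect_id, original_id) pairs."""
    hits = []
    for i, later in enumerate(messages):
        for earlier in messages[:i]:
            if is_replay_with_swap(earlier, later):
                hits.append((later.msg_id, earlier.msg_id))
    return hits

# Constructed sample thread: m3 replays m1 with the PDF swapped for a link.
THREAD = [
    Message("m1", "alice@example.com", "Q3 report",
            "Hi Bob, the report is attached. Thanks, Alice", ["q3-report.pdf"]),
    Message("m2", "bob@example.com", "Re: Q3 report", "Thanks Alice, got it."),
    Message("m3", "alice@example.com", "Q3 report",
            "Hi Bob, the report is attached. https://files.example.net/q3 Thanks, Alice"),
]
```

Running `flag_thread(THREAD)` returns `[("m3", "m1")]`; the check only sees a replay once the original is already in the mailbox, so it is a mail-client or gateway heuristic, not a replacement for the vigilance the post calls for.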
Although this technique has currently been spotted on Gmail accounts, it can apply to any email server. There are also several variations on what the actor can use to compromise your account, credentials or email.
Since the bogus email you receive comes from a trusted source, one you were having an email discussion with, it is virtually impossible to spot the deception. Savvy actors can also bypass most scanners in one way or another.
We have no recommendations other than to be extra vigilant and look for anything in an email that appears suspicious.
<A HREF="https://www.helpnetsecurity.com/2017/01/16/new-gmail-phishing-attack-fools-even-tech-savvy-users/" TARGET="_blank">Read more about one variation on how this is currently being used...</A>