Security firm says Gmail accounts targeted by ‘highly effective phishing attack’

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

DELAWARE – The internet security firm Wordfence has sent out alerts warning Gmail users of what they call a “highly effective phishing attack.”

The entry on their site was originally posted on January 12, but has been updated with new details from Google.  The site reports that experienced tech people have been hit by the attack and have fallen for it.

The site says that the attacker sends you an email to your Gmail account, from someone you know who has already been hacked.  It includes an image that looks like an attachment from the sender, but when you click on the image, a new tab opens, prompting you to sign in again to Gmail.  In the location bar you see “”.

After you sign in, you are compromised.  According to a commenter on Hacker News, the attackers then log in to your account and use your attachments and one of your subject lines and start sending out more phishing requests to your contact list.  And, of course, once they are in your account, they could reset your password and do other things online in your behalf.

Experts say that enabling two-step verification on your account is helpful.

For more details, visit the Wordfence web site here.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

1 Comment

Notice: you are using an outdated browser. Microsoft does not recommend using IE as your default browser. Some features on this website, like video and images, might not work properly. For the best experience, please upgrade your browser.