Gmail phishing scheme poses a cybersecurity threat to millions of users
Rebecca Nash, ECE ILLINOIS
1/24/2017 3:43:04 PM
“It’s a little bit difficult to see, because it’s designed to fool users into thinking that everything is OK,” says Borisov. “The way a lot of scams get perpetrated is by fooling you into thinking that you're typing your password into a legitimate site such as Gmail, but of course, you’re actually redirected to a website that is run by the attacker."
These schemes are difficult to spot because the attacker site URL may look nearly identical to the secure Gmail login. Users must verify the sites they enter their information into begin with "https://", as opposed to the insecure browser "data:text/html".
“If you were to glance up at your location bar in your browser… you would see the things you were looking for, or at least some of the things. If you were (looking) a little more carefully, you’d notice there wasn’t a secure indicator, a green lock indicator," Borisov notes about the false login.
To check if your account is safe, Gmail users can look into their "account activity" and browse their "recent security activity" to check for suspicious movement.
To learn more ways to protect yourself against the Gmail phishing scheme, read the original article by the Chicago Tribune.