Gmail Cyber Attack: How the latest phishing attack infects users

The latest Gmail Cyber Attack features a very convincing – and functional – Gmail sign in page.
“Actual subject lines, with actual attachments, sent to people in your contact list.”
What’s the deal?
The latest phishing attack to hit cyber security headlines involves a very clever technique that convinces Gmail users to re-enter log in credentials.
How does it work?
This form of cyber attack composes an email by analysing past attachments and messages, creating a very familiar looking email and attachment that the recipient could be tempted to open. The attachment, when clicked on, will open a new tab linking to an image that replicates the google sign in page.
What to look out for
The sign in page will look similar to the one below, but if you look closely at the URL, you will see that is not legitimate.

Instead of a recognisable URL address, the address bar will look something like this:

What are the consequences?
Unfortunately, the hackers have created such a convincing sign in page, that many users will sign in here, in turn handing over log in details that will allow them to access your organisations data source.
By logging in, the hackers not only have access to sensitive data, the cyber attackers also have access to your email database. This allows the hackers to analyse your messages and attachments in order to create another round of familiar looking emails to target other Gmail users.
How do I protect myself against this type of Cyber Attack?
This convincing method of email phishing may seem almost unavoidable – but common sense and a little cyber-savvy know-how will help you to avoid falling into a cyber attack trap.
- Check the URL. Double, triple, and quadruple check the address bar before you sign in to any familiar looking log-in screen. Don’t forget that however convincing it may look, the URL at the top of your screen may cause alarm bells to ring. If it does, close the window down.
- Enable two-factor authorisation. This is a very simple, easy to set up, quick-win.
- Ensure your data is backed up. A cyber attack such as this puts your corporate data sources at risk of being accessed by criminal hackers. Data can then be erased, held at ransom or tampered with. The best way to avoid this, is by ensuring that your data is backed up.
Choosing an online backup provider
Choosing an online backup provider will mean that in the event of a cyber attack, your critical data can be fully restored – allowing your organisation to continue running as normal.
- Data Loss, Cyber Security and your Workforce
- How to protect your Office 365 data from ransomware attacks
- Human Error is the Biggest Cause of Data Loss in Office 365
- The Office 365 Shared Responsibility Model
- Office 365 Backup and GDPR Compliance
- 3 Reasons why Office 365 Backup is Crucial
- Veeam Backup for Microsoft Office 365
- 3 Ways to Prevent Data Loss (and Unnecessary Head Loss)
- 3 Crucial Mistakes People Make When Moving to the Cloud
- 4 Security Benefits Of Cloud Computing
Want to know more? Get in touch.
Speak to a cloud specialist today to learn more about how we can help your business
Leave A Comment