RealtyBizNews - Real Estate Marketing and Beyond
Visit our Facebook Visit our Twitter Visit our LinkedIn
Real Estate Marketing & Beyond
Home » Marketing Insider » Real Estate Marketing » Google » New email phishing scam targets Gmail users

New email phishing scam targets Gmail users

By Mike Wheatley | March 20, 2017

Google is warning of a new email phishing scam that directs users to what looks like a Google sign-in page, in order to steal personal details and steal the user’s contacts’ details and passwords.

The scam is extremely well designed. It starts with the scammer sending an email to your Gmail address that appears to come from one of your contacts. The email asks the reader to take a look at an attached file, usually a PDF or Word document. The email and the attachment may well seem to be legitimate as it comes from one of your contacts, but clicking on the document takes you to a new page in a new tab that prompts you to sign into your Gmail account again.

Of course, you absolutely shouldn’t try to sign in again, as this is actually a fake page that mimics Google’s authentic sign in page. Entering your details here means the scammer gets access to them, and they not only steal your personal information but can try to scam your contacts too.

The scam works because the attached document is in fact, not a document at all but an embedded image that appears to be a document. Click on it and it redirects to the fake sign in page, instead of attempting to download the file – which is what happens in normal cases.

Luckily there are ways to spot the scam. The best way is to always check the browser address bar before trying to log in. The Google sign-in page that users are directed to appears legit, with the same logo, text boxes, and tagline. But the address bar is the tell-all: The page is a data URI with the prefix “data:text/html.” It’s not a URL that begins “https://.”

Google also has recently released a Chrome update to 56.0.2924 to help spot such fake forms. With the update, if you view a data URL, the location bar will show “Not Secure” to help users spot phishing scams more easily. Users on laptop and desktop computers can often hover their cursor over the attachment to check its URL before clicking.

Mike Wheatley is the senior editor at Realty Biz News. Got a real estate related news article you wish to share, contact Mike at [email protected].
Sign up to Realty Biz Buzz
Get Digital Marketing Training
right to your inbox

Follow Realtybiznews

Visit our Facebook Visit our Twitter Visit our LinkedIn
All Contents © Copyright RealtyBizNews · All Rights Reserved. 2016-2024
Website Designed by Swaydesign.
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram