Quick Query

Spotting the New Gmail Phishing Attack: Here’s How!

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedIn

Walking into the New Years with new updates, new objectives and new cyber threats! From the last few weeks, a new type of phishing activity has been surfaced and tracked by cyber security professionals at WordFence, WordPress’s security research department. This activity is targeted to Gmail accounts to steal information.

New Gmail Phishing Attack: A Brief Summary
The hacker usually waits for the user to insert their protected credentials/passwords, and instantly logs in as the user. A new phishing (cyber-attack) technique can be employed to carry out this function using a data uniform resource identifier (URI).

Additionally, it creates a fake Google log-in page to engage users and make a fool out of them by inserting a proper file in the browser’s location bar.

Why is it More Dangerous?
As the attacks are targeted towards Gmail account, it’s like a jackpot for the hacker. Commonly, Gmail accounts are inter-connected with several gateways, such as social media websites, saved payment directories and much more.


Once a hacker is inside your zone, he can use the attachment with similar subject line to send phishing mails to other users. Once the other user will open the attachment, a duplicate Google account appears, which asks for constant logins using the web address ““.

As the content is familiar, the mail gets more credibility and authenticity, and traps the victims more easily.

Spotting the Attack


  • An easy way to spot the attack is to look out for the “lock icon” present on the left side of the address bar while opening a Gmail account. A green lock implements a secure connectivity, while any other case might prove to be dangerous.
  • Another can be installing two-factor authentication for your accounts on Google. This will give hackers a hard time breaching into an account, as they would require another device, like a phone, to unlock the required.
  • Look out for the prefix ‘data:text/html’ in the address bar. If this is present, then your account has been hacked already!


If Already Under Attack?
If a user faces any compromising situation, go for the immediate step. Change your password at once, direct towards your Gmail activity page and log out from every current session as displayed.

Leave a Reply

Your email address will not be published. Required fields are marked *