Users of Gmail, Google’s email, are victims of phishing attempts

Gmail users are not safe from phishing. Indeed, the e-mail platform of Google is also the prey of a phishing attempt, unfortunately quite well orchestrated.

To understand this phishing on Gmail users, let’s begin by reminding what phishing is. Who has never received an e-mail indicating a refund due to an overpayment? Or a mail from a bank requiring you to enter your password as part of an audit procedure?

The crooks send thousands of e-mails like these, pretending to be an official entity (Bank, Microsoft, Apple, …). Their goal is that a victim believes this and discloses personal information (Credit card number, password, …). This scam on the internet is what is called phishing.

  • Phishing applied to Gmail

In the case of Gmail, the phishing attempt looks a bit different. The method is about sending a message to the person to be trapped. For more efficiency, scammers used a corrupted account belonging to a legitimate owner known by the potential victim.

Gmail login

This mail invites the recipient to open a document stored on “Google drive”, the cloud storage service of the Internet giant. This service is pretty well known to familiar Gmail users. But after having clicked on the link, the Gmail login page appears of instead of the expected document.

Surprised, the person thinks he / she has been disconnected and then enter again his email address and password. Unfortunately, this is where the fraud takes place. It was not an untimely disconnection but a misleading page displayed by the crooks after having clicked on the request to access Google Drive.

  • Skilled users were trapped

The scammers have now recovered the login / password and then rapidly access the victim’s mailbox. They check e-mails for sensitive data. They also take advantage of this access by stealing the address book of the victim. The scammers can then reproduce the process of such phishing attempt.

This phishing attempt targeting Gmail accounts is subtle and many skilled users get caught. A more discrete visible element of this fraud attempt is the URL used. This is different from the normal address: https://mail.google.com. But scammers know that we don’t always pay attention to the content of the bar at the top of the internet browsers.

Be vigilant Gmail users! And pay attention especially if one of your contacts invite you to view a document on Google drive.

2 thoughts on “Users of Gmail, Google’s email, are victims of phishing attempts

  1. Permalink  ⋅ Reply

    Barbara Rothkegel

    October 2, 2019 at 12:56pm

    Hi, I got a friend request on facebook from a Lucas Ferguson, 58, pretending working on an oil rig in Alaska and having a daughter on boarding school in London. He insisted changing conversation on Google Hangout and after erased his fb-profile. After a while of love-blabla and planning to live together (he said to get retired soon and will get a 1.2 Million paycheck), his “daughter” Rose started corresponding with me on gmail, mentioning an important project at school and that she needs a computer of her own. At the day of the project, she wrote again, claiming on having the money immediately.

    Mai adresses used are: lucasferguson461@gmail.com abd roselucasferguson1@gmail.com
    They used various photos, which I will send you separately. They must be psychologically trained, but not too clever, because the story told show various logical mistakes. Faced with this faults and accused of scamming, he reacted disappointed an then made a video-call on hangout, where his face can’t be recognized (big pixels). The voice was of a younger african man, with a dog and birds and people talking in the background. After telling him, that I have no money, the call disconnected. That’s it. There must be various people involved. I found the pics are often used in the net on various plattforms, recently on instagram as Gordon Stevenson.
    Thanks for publishing!

    Attachment

  2. Permalink  ⋅ Reply

    Barbara Rothkegel

    October 2, 2019 at 1:01pm

    see below

    Attachment

Leave a Reply

Your email will not be published. Name and Email fields are required.