Are you aware of the current phishing scam going on with Gmail?
For those of you who haven’t heard, there is a nasty phishing scam going on with people’s Gmail accounts. Sources say if you don’t pay attention to secure URL information when you read an email with an attachment, it’s easy to become a victim of these scammers.
What’s the Scam?
Apparently, these scammers get in by sending fake attachments, which often resemble a pdf document attachment. You may even recognize the Google account sign in as usual, but the alert warns us to check the URL before signing into to your Gmail account before entering your password information. When the URL opens up, MAKE SURE the URL for that Google document starts with ‘Secure https://google.com’ and NO WORDS PRECEDE THAT URL SUCH AS: DATA TEXT, this is where the trouble begins. Please read the article below and follow the link for more in-depth examples of what to look for to protect your identity.
I found this post by Robert Hackett on Fortune.com
“Here’s how the swindle works. The attacker, usually disguised as a trusted contact, sends a boobytrapped email to a prospective victim. Affixed to that email, there appears to be a regular attachment, say a PDF document. Nothing seemingly out of the ordinary.
But the attachment is actually an embedded image that has been crafted to look like a PDF. Rather than reveal a preview of the document when clicked, that embedded image links out to a fake Google (GOOGL, +1.08%) login page. And this is where the scam gets really devious.
Everything about this sign-in page looks authentic: the Google logo, the username and password entry fields, the tagline (“One account. All of Google.”). By all indications, the page is a facsimile of the real thing. Except for one clue: the browser’s address bar.” Continue Reading
Source: Everyone Is Falling For This Frighteningly Effective Gmail Scam
Here’s another source from Huffington Post
DGKayewriter.com 
Thanks for the heads up, Deb. Since Google usually notifies us directly when we log in to our accounts (they’re not known for sending alerts via email), I usually just ignore and delete such emails. But I’m glad to know what to look for in the URL. And I’m really glad we have an FBI ~ YOU ~ looking out for us! Geez, I wouldn’t know 3/4 of the techie things I know if it weren’t for you. Thanks for having our backs, girlfriend. I think some of us might be dead fish dangling off hacker hooks if you didn’t 🙂 ?
LikeLike
Lol T. You know me, I find, I share. I know some people don’t spend near the amount of time reading newsletters and scanning SEO sites where I find a lot of this info, so I hope by sharing, others are doing the same to pass it along. 🙂 ❤
LikeLike
Debby, I have read about this and it’s scary as they do look legit. Thank you for pointing it out and warning us…having had recent computer problems it’s frightening how easily the helpline people can ‘take over’ the computer to help…makes one wonder how vulnerable it is all the time.
LikeLike
Yes Annika, it’s real, hackers trying to phish Google sites. Not surprising, they phish banks and other financial institutions, so why not Google. 😦
LikeLike
Thanks Debby for finding this. I can’t see where to re-blog it, and so I’ll share it on my Friday Roundup.
LikeLike
Thanks Stevie. As I’ve written about before, self hosters don’t have the luxury of a reblog button. You can download the ‘press this’ tool in your dashboard >tools which enables ‘press this’ on your tool bar, allowing you to copy info and links from anywhere on the web into a draft in your dashboard. If you’re interested just go to my search bar and type in ‘press this’ and you can read several posts with instructions. Alternatively you can always copy and paste. 🙂
LikeLike
Ooh…thanks for the ‘press this’ info. Will check those posts out.
LikeLike
Happy to help, 🙂
LikeLike
Thanks for the warning, Debby. I appreciate the heads up. I’ve become so cautious about scams that I don’t think I’d fall for this, but the warning definitely helps. Ugh. Some people can be so awful.
LikeLike
Glad to share the word Diana. Yes, it’s easy to overlook when that little Gmail signin box pops up to signin, people don’t tend to double check the URL before entering their passwords. 🙂
LikeLike
I had not heard of this particular scam Debby but have recieved similar in my email account Some from supposedly google and linked in .. I hover my mouse over the email addressee and often that shows up as not from either.. Both have links within the email asking you to pick up your messages.. I delete and never press a link unless I am 100% sure of who it is from..
Again thank you for this.. So many devious people around today.. xx
LikeLike
Grr, sorry to hear about your scammy emails no doubt Sue. Glad you are taking precautions, and this article will help you become a better detective to keep you secure from the evil doers. 🙂 xo
LikeLike
Thanks again.. Yes its like some who comment upon my blog. I had to alter my moderation comments to approve as it seems I have a not so nice fan..
LikeLike
Oh that is sad. And who could possibly come to your blog of all places and not be nice? Just crazy. I don’t blame you. I moderate all my comments just in case of such people filtering through. 🙂
LikeLike
Thank you for the heads up Debby. I personally don’t use gmail that much but I do have friends and relatives that do. I will pass this on. xo
LikeLike
Thanks for helping to spread the world Patricia. ❤
LikeLike
Here’s one more source on this, from Wordfence (major WordPress plugin for keeping your site secure) that I posted on Google + a couple weeks ago. https://www.wordfence.com/blog/2017/01/gmail-phishing-data-uri/
Their blog post about it has an update from Google that suggests that the upcoming Chrome version 56 will have some help on this. Details to follow.
LikeLike
Thanks so much John for sharing the update and link. About time the giant finds a cure for this. 🙂
LikeLike
I’ve heard of this also. I’m so glad everyone is getting the word out. It looks frighteningly real.
LikeLike
It’s real alright. 😦
LikeLike
While I haven’t heard of a scam going on with gmail, I have found many such emails in my rediff junk account and I never open them! It is quite scary if it seems to be from a known acquaintance. Just a couple of days back I was cribbing about Apple’s security, which is probably more stringent than any top leader’s security. I was locked out of my own account and was asked for authentication for whatever reasons known to them…finally I emerged better thanks to them for making me learn certain things the hardest way!! 🙂
Thanks for the reminder dear friend.
LikeLike
Glad I could be helpful Balroop. Yes, even the giants of technology get hit. And these types of emails won’t go to junk because they are from regular recognized email accounts. It’s the attachments you have to look out for. Before signing in, always check the URL is secure with no text in front of the ‘secure https’ 🙂
LikeLike
I’m not sure what they mean by ‘trusted contact’ but that’s scary. I don’t open attachments from unknown sources but I’d open something from someone I know. Thanks for sharing this.
LikeLike
That’s the thing Sarah, trust contact is someone Google knows is a regular on your email list that you get notifications from. Thus, the scam, because we think because we know who the email is from there’s no harm in opening the attachment. We never know if one of our regular senders has been phished and a cyber criminal has stolen their password and contacts. So the best way to beware is when Gmail asks you to sign in, check the URL and make sure it starts with ‘Secure https’ and no filler crap before.
LikeLike
That IS the thing. I’ve always been careful when I don’t know names but… I’ll look for the URL now. ?
LikeLike
Yes, that is the thing! It’s easy enough to be suspicious from someone we don’t know. But these evil doers are sliding in AS people we know. Just check the URL before looking at anything sent from someone you think you know and you’ll be good to go. 🙂 ❤
LikeLike
May all phishers sink to the bottom of a bog and be covered in the scum that will ensure that no one will ever be able to find or rescue.
Thanks for the heads up, Deb. I’m careful (bordering on paranoid), but when email looks like it comes from someone I know, I need to make sure I don’t click absentmindedly.
xx,
mgh
(Madelyn Griffith-Haynie – ADDandSoMuchMore dot com)
– ADD Coach Training Field founder; ADD Coaching co-founder –
“It takes a village to educate a world!”
LikeLike
Amen to that, lol. But seriously Madelyn, it’s the cyber world we live in where evil doers have made a comfortable nest, not having to get off their azzes to create havoc in people’s lives. 😦 xo
LikeLike
May it happen to them! BIG time. 🙂
That would be a funny TV series – a couple of the hacked turning into avengers fomenting a huge hacker war where they all turn on each other.
We’d ALL enjoy watching *their* lives fall apart, one by one – and their frustration trying to dig their way out of the mess that is always created when phishers are successful in their evil doing.
xx,
mgh
LikeLike
Love it! Why don’t we throw in a few internet trollers while we’re at it? LOL 🙂 xo
LikeLike
There are so many of these scams and the more we are online, the more we are threatened. This was very informative, Debby, thanks for the details and the links!
LikeLike
I know Terri, it’s sad really. But forewarned is forearmed, so I hope this helps a lot of people to pay attention to protect ourselves. 🙂
LikeLike
Goodness, those scammers are a sneaky lot!
LikeLike
No kidding Bun. Trying to stay on top of them best we can. 🙂
LikeLike
I’ll keep my eyes open! 🙂
LikeLike
You may have to remove ‘the bag’ LOL 🙂
LikeLike
All important to remember every day, Debby. Thank you. I don’t open email links or attachments, even from my best friend, unless there is truly personal (not generic “hi, how are you?”) with it. If I’m not sure, I write a new email to sender asking if he/she sent me an email with an attachment or enclosed link. Too many people trying to hurt others for fun. I got a virus once a long time ago, so I’m careful now–lots like I was with birth control more than a decade ago. Be careful!
LikeLike
Good to know you’re being cautious Elaine, once bitten twice shy approach. And had to laugh at your 2nd last sentence. 🙂
LikeLike
Let’s feature this so that more will see and take note.
Kathleen
Bloggers Pit Stop
LikeLike
Thanks a bunch Kathleen. So important!!! ❤
LikeLike
I hadn’t heard of this Debby. Thanks for making us aware.
Janice
LikeLike
Glad to share Janice. 🙂
LikeLike
Thanks Kathleen. 🙂
LikeLike
Thank you Kenneth. 🙂
LikeLike
Thanks Janice! 🙂
LikeLike