How many of you use Gmail on a regular basis?
Either for personal or professional reasons, Gmail is one of the most popular email platforms in the world. Not to mention that you can connect it with a wide range of useful tools like Drive, Calendar, and more. Gmail is definitely an app that makes your life easier, right?
Well, if you do believe this, then you should also believe that there is such a thing as a Gmail attack. This is one of the most clever hacks around, and it means you should be extremely careful about who sends you emails and attachments.
Gmail attack process
You will receive an email from a friend, work colleague, or business partner with an attached document. It will be a document you were expecting to get in the near future. Sadly, the attachment is nothing but a trap: it opens a new sign-in window asking for your Gmail account details. After all, we have all been asked at some point to sign in before we can see the content of a document, right?
Usually, when you receive a malicious email, you can tell by the suspicious links and the clickbait titles. This time, the process is a little different and a lot smoother.
How is this possible? Well, hackers have got so smart that they use social engineering at an automated level to figure out which documents connect you to an already compromised Gmail account.
Now, returning to the sign-in window: if you have even a little security awareness in your daily work, you know to check the address. Usually, for a Google sign-in, the address bar must show accounts.google.com. Well, the freaky part about this hack is that the address bar actually does show accounts.google.com! So there seems to be absolutely no reason to doubt the legitimacy of the attachment.
Again, how is this possible? Well, the hackers are using an old trick called script embedding. They start their links with ‘data:’, which turns the link into a data URI, the standard way to embed content directly in a URL string. This method was actually designed around 1990 and is described in RFC 2397, published by the Internet Engineering Task Force. Because the whole page lives inside the URL itself, the attacker can place the text accounts.google.com after the ‘data:’ prefix and the address bar will dutifully display it.
So, if you ever get an attachment that requires you to log in, take a close look at the URL. If it starts with ‘data:’ instead of ‘https://’, you can ignore the message.
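The check described above can be automated rather than done by eye. The following JavaScript is an added example written for this article, not code from the original post or from Google: it classifies the address shown in a sign-in window, treating anything that begins with ‘data:’ (in any letter case, and even when padded with whitespace so the scheme scrolls out of view) as a data URI regardless of what host name appears later in the string, and only accepting an https address whose actual host is accounts.google.com. It goes slightly beyond the article by also rejecting look-alike hosts such as accounts.google.com.example.net. The sample addresses are constructed for illustration; the host name constant is taken from the article.

```javascript
// Added example (not from the original article): classify the address shown
// during a "sign in to view this document" prompt, so that a data: URI that
// merely contains the text accounts.google.com is not mistaken for the real
// Google sign-in page.

const GOOGLE_SIGN_IN_HOST = "accounts.google.com"; // from the article

// Returns one of: "google-sign-in", "data-uri", "other".
function classifyLoginUrl(raw) {
  // Attackers pad the string with whitespace so the real scheme is pushed out
  // of the visible part of the address bar; whitespace is never valid in a
  // URL, so stripping it only removes noise.
  const compact = String(raw).replace(/\s+/g, "");

  // Scheme comparison is case-insensitive: "DATA:" is still a data URI.
  if (/^data:/i.test(compact)) {
    return "data-uri";
  }

  let url;
  try {
    url = new URL(compact); // WHATWG parser, available in browsers and Node
  } catch {
    return "other"; // not a parseable absolute URL
  }

  // Only the real host over HTTPS counts. url.hostname is the parsed host,
  // so "accounts.google.com.example.net" does not match.
  if (url.protocol === "https:" && url.hostname === GOOGLE_SIGN_IN_HOST) {
    return "google-sign-in";
  }
  return "other";
}

// Constructed sample addresses (not taken from any real incident).
const SAMPLES = {
  legit: "https://accounts.google.com/ServiceLogin?continue=https://docs.google.com/",
  // data: prefix followed by the genuine-looking host, then padding spaces
  lookalike: "data:text/html,https://accounts.google.com/ServiceLogin" + " ".repeat(40),
  upperCase: "DATA:text/html,https://accounts.google.com/",
  wrongHost: "https://accounts.google.com.example.net/",
  plainHttp: "http://accounts.google.com/",
};

// Convenience: classify every sample, returning { name: verdict }.
function classifySamples() {
  const out = {};
  for (const [name, value] of Object.entries(SAMPLES)) {
    out[name] = classifyLoginUrl(value);
  }
  return out;
}

if (typeof require !== "undefined" && require.main === module) {
  console.log(classifySamples());
}
```

Only the first sample is accepted; the second and third are flagged as data URIs before any host comparison happens, which is exactly the point of the check in the article: the host name you see in the string means nothing once the address starts with ‘data:’.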
The solution to keeping our accounts safe
As with any hack, there is a way to make sure your account stays safe. In this case, the solution is MFA (multi-factor authentication). MFA introduces a second step in the authentication process, so if someone ever gets your username and password, they will also have to get through that second step before they can access your account.
This second step can be a device you need to connect to the laptop, computer, tablet, or phone you use to access your email, or a simple SMS message with a code. You can read (and learn) more about MFA in our article about two-step authentication, so don’t be hasty! Learn how MFA can help you and make sure your business and personal life are safe.