Hackers are now using sophisticated tactics to target individuals who have Gmail account in a complex web of phishing attacks, reports now show.
According to Mark Maunder, the CEO of Wordfence, a WordPress security program, hackers seem to have devised a simple method that they are now using to trick users of Gmail accounts into clicking links that lead them well-crafted phishing pages.
‘This is one of the most complicated hacking campaigns targeting Gmail users because even the most experienced Gmail users have fallen for it,’ Mr Maunder said.
But what is likely to raise the concern of many people is the manner in which the hackers are running the campaign rely on the natural tendencies of people to click on email messages that originate from their associates.
It appears that once the hackers manage to hack into one account, they deliberately look for specific messages in the inbox of their victim as the first step of the process.
The hackers then compose new messages that contain special attachments and then send them to multiple individuals found in the contact address book of their victims, it has been reported.
According to Maunder, the hackers can trick many unsuspecting users because they have managed to develop websites that are quite similar to the login pages of Google.
‘Many people fall prey to these hacking attacks because the hackers have managed to create pages that are a complete replica of the Gmail pages that the users are used to,’ he said.
It has been established that the hackers have set up a process by which a target receives a message with prompts to view an attachment. Once a person clicks on the attachment contained in the message, the person is led to a fake login tab that asks for the Gmail account login details of the person.
It has been reported that the hackers are always on standby and immediately access the login details of the individual immediately the person key them on the fake login page.
Experts are advising Gmail users to regularly check the web address bar when login into their accounts.
‘Checking the address bar can help users verify whether or not they are visiting a genuine website,’ Maunder says.
Furthermore, Gmail users are advised to use the two-step authentication process to secure their accounts. This process of authentication makes it impossible for third parties to steal the details of their victims by using standard phishing procedures.