Monday, June 16, 2014

A new phishing scheme is being used to steal Google Account credentials

by paganinip on May 15th, 2014

Security experts at Bitdefender discovered a new ingenious phishing scheme that is being used by hackers to steal Google Account credentials.

Security experts at Bitdefender have discovered a new phishing scheme adopted by hackers to steal Google Account passwords.

The new phishing attack is hard to catch with traditional heuristic detection; it mainly affects the Google Chrome and Mozilla Firefox browsers.

The hackers send an email that pretends to be from Google; it warns the victim that the account will be locked in the next 24 hours because the associated inbox has reached its maximum capacity.


“With access to users’ Google accounts, hackers can buy apps on Google Play, hijack Google+ accounts and access confidential Google Drive documents,” “The scam starts with an email allegedly sent by Google, with “Mail Notice” or “New Lockout Notice” as a subject.” reports Catalin Cosoi, chief security strategist at Bitdefender, in the official blog post.

To keep the Google account from being “locked in 24 hours”, the user is invited to follow the “INSTANT INCREASE” link, but the link redirects victims to a bogus Google login page. Using this artifice, hackers can steal Google account credentials within the browser.


Cosoi explained that it is very difficult for users to notice the attack because the fake Google login page goes undetected in Google Chrome: the attackers exploit the way Chrome displays “data:” URIs.

Users will see “data:” in the address bar of their browser, which indicates the use of the data Uniform Resource Identifier (URI) scheme. This URI scheme allows attackers to include data in-line in web pages as if they were external resources.

“The scheme uses Base 64 encoding to represent file contents, in this case supplying the content of the fake web page in an encoded string within the data URI. As Google Chrome doesn’t show the whole string, regular users have a hard time figuring out they are targeted in a phishing attack and may give their data to cyber-criminals.” states the post.



Bitdefender says that the scammers are able to avoid detection by using the data URI scheme, which includes data in-line in web pages as if it were an external resource. The content of the fake web page is encoded in a string within the data URI; the attackers used Base64 encoding to represent the file contents.

According to Bitdefender, more than a thousand users were deceived by the phishing scheme.

“So far, more than a thousand users clicked on a single shortened URL used in the cyber-campaign. The numbers are without doubt a lot higher, as scammers create more than a single URL when crafting a phishing wave,” added Cosoi.

Phishing is becoming one of the most popular fraudulent activities in the cyber criminal ecosystem; hackers are exploiting new platforms like mobile and social media, according to the reports of principal security firms.

Cyber criminals are trying to make phishing attacks harder to detect by optimizing their email targeting; attackers are proving able to find new methods of bypassing the checks implemented by email providers and security firms.

Usually a targeted attack exploits the “human factor”; phishing offensives rely on social engineering techniques, which is why it is important to inform users of the tactics adopted by cyber criminals.

Organizations must train their personnel to reduce their human attack surface and avoid becoming victims of such attacks.

Be careful!


(Security Affairs –  Google account, phishing)  