Gmail phishing is one of most common methods used by hackers to compromise the online security of naive users. But, a recent Gmail phishing attack, uncovered by Wordfence, mimics your past conversations and succeeds in fooling the tech-savvy netizens.
How does this scary Gmail phishing attack work?
This phishing attack first compromises a victim’s Gmail account and starts sniffing the contact list. Then, it sends fake emails, which look very much legitimate, to everyone.
Now comes the smart part — the attack scans the user’s Gmail history and finds the file names of the sent attachments. Then, it applies the same name to the new attachments that appear to be PDFs. However, they are images that send the user to phishing web pages. To make the overall scheme more convincing, the attack steals subject lines from previous emails.