Security firm AppRiver is tracking malware-ridden emails posing as account notifications from Gmail, in a sweeping attack leaving millions of users at risk.
The campaign uses a spoofed email purporting to come from Google, with the text “Gmail service has sent you a notification,” and a link to view the full message.
The link, however, leads to a malicious web page putting the user directly in the firing line of covert threats to their device. The messages were first detected one week ago and are believed to still be circulating.
Troy Gill, senior security analyst at AppRiver, explains, “The link leads to a malicious web page that installs malware on the victim’s machine. Once the page loads, the infection has occurred and the whole process is invisible to the user.”
AppRiver is currently tracking several variants of this threat and has seen millions of messages associated with the campaign.
This technique is frequently used by spammers to give the appearance of legitimacy to their messages, and while many users will dismiss the message as spam after clicking on the link, Gill warns that “most will not realise the more serious implications of the infection that’s taken place.”
With the campaign encompassing so many malicious messages, AppRiver notes that only a small percentage need to successfully dupe their victims to make the campaign a success for the attackers.
“Though common sense prevails 99 per cent of the time, that one per cent is all the cybercriminals need to make their efforts worthwhile,” says Gill. “Stay safe and take a second to think before you click on any link.”