Google accounts fall prey to complex phishing scam

Google account holders are warned to be vigilant after an enhanced phishing attack was spotted that can give hackers full access to any user’s account.

Bitdefender, the antivirus security firm, detailed that a hard-to-spot email is sent out to customers explaining that they need to increase the email storage quota of the account involved. The threat has so far bypassed Google Chrome’s uniform resource identifiers [URIs].

“What is interesting about this phishing attack is that users end up having the “data:” in their browser’s address bar, which indicates the use of a data URI scheme,” stated Catalin Cosoi, chief security strategist at Bitdefender.

The email reads, “This is a reminder that your email account will be locked out in 24 hours. Due to not being able to increase your Email storage Quota. Go to the INSTANT INCREASE to increase your Email storage automatically.”

Once the INSTANT INCREASE link has been clicked, it directs the user to a Google login web page that looks the same as the real thing and requests various account details that are used to infiltrate the account.

“With access to users’ Google accounts, hackers can buy apps on Google Play, hijack Google+ accounts and access confidential Google Drive documents. The scam starts with an email allegedly sent by Google, with “Mail Notice” or “New Lockout Notice” as a subject,” Cosoi added.

The data URI scheme lets scammers include data in-line in web pages as if they were external resources. It uses Base64 encoding to represent file contents, and in this instance the content of the fake page is supplied encoded within the data URI itself.
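To show what a mail filter can do with such a link, the following added example (not code from Bitdefender or from this article) decodes every data: link in an email body and reports whether it carries an HTML page with a password field. The names `parse_data_uri` and `scan_email` are hypothetical, and the sample email is constructed for the demonstration.

```python
import base64
import re
from html.parser import HTMLParser
from urllib.parse import unquote_to_bytes

def parse_data_uri(uri):
    """Split an RFC 2397 data: URI into (media_type, decoded bytes); None if not one."""
    m = re.match(r"data:([^,]*),(.*)$", uri.strip(), re.I | re.S)
    if not m:
        return None
    params = [p.strip().lower() for p in m.group(1).split(";")]
    raw = unquote_to_bytes(m.group(2))
    if "base64" in params[1:]:
        b64 = b"".join(raw.split())  # drop whitespace inserted to wrap long payloads
        try:
            raw = base64.b64decode(b64 + b"=" * (-len(b64) % 4))
        except ValueError:
            raw = b""  # undecodable payload: report the link, with no content
    return params[0] or "text/plain", raw

class _Tags(HTMLParser):  # collects <a href> values and flags password inputs
    def __init__(self):
        super().__init__()
        self.hrefs, self.has_password = [], False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self.hrefs.append(a["href"])
        if tag == "input" and (a.get("type") or "").lower() == "password":
            self.has_password = True

def scan_email(email_html):
    """Return (media_type, has_password_field) for every data: link in an email body."""
    outer = _Tags()
    outer.feed(email_html)
    findings = []
    for href in outer.hrefs:
        parsed = parse_data_uri(href)
        if parsed:
            inner = _Tags()
            if parsed[0] == "text/html":
                inner.feed(parsed[1].decode("utf-8", "replace"))
            findings.append((parsed[0], inner.has_password))
    return findings

# Constructed sample: harmless one-field form, Base64-encoded into a data: URI.
PAGE = b'<form><input type="password" name="p"></form>'
SAMPLE = ('<a href="data:text/html;base64,' + base64.b64encode(PAGE).decode()
          + '">INSTANT INCREASE</a> <a href="https://example.com/help">Help</a>')
print(scan_email(SAMPLE))
```

A legitimate provider has no reason to link to a data: URI from an email, so a filter can reasonably quarantine on any finding and treat the password-field flag as a severity signal.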

It’s not the first time that Gmail accounts have been targeted by phishing emails, although one this complex will worry those who use Google accounts. Users are reminded to be vigilant towards any suspicious-looking messages.