The web-based email service giant, Gmail, suffered big phishing attack across its billion-user platform on Wednesday afternoon, May 3, 2017.
The web-based email service giant, Gmail, suffered a big phishing attack across its billion-user platform on Wednesday afternoon, May 3, 2017.
The fraud involved sending a malicious link to Gmail account users from what looks like an existing contact from their address book. When users click on it while being logged on, the hacker can obtain access to the victim’s email credentials and accounts while enabling the virus to replicate itself.
Phishing is a common tactic among hackers, but this one, in particular, went a step further by sending a worm to your contacts, reproducing itself hundreds of times just with one click.
Google estimates that of all its users around one million is affected and among the targets was the US Senate staff.
For those who fell victim to this hack and clicked on the malicious link, the scammers were able to harvest their full email history including all the send and received personal data. With this information in hand, hackers were able to reset passwords for online banking, Amazon accounts, and even Facebook.
An official statement from Google said that they were able to stop the attack within approximately 1 hour, and even though the information was accessed and used by the hackers, their investigation showed that no other data was exposed.
Following this widespread phishing scam, Google is now introducing a new security feature on the Gmail application, available on Android with the main purpose to warn users about suspicious links.
This new security attribute is definitely a step in the right direction since there are many Gmail users using the app on their phones, and the phishing attacks are getting more and more sophisticated each time.