The TTU IT Division alerts the Lubbock community to a new malicious email campaign targeting Gmail accounts. The attack works by sending emails containing an image that looks like Gmail’s “Attachment” icon. These messages may come from the compromised account of somebody the recipient knows. When the reader clicks the image, they are directed to a specially crafted website that prompts them for their Google credentials. This website looks almost identical to a Google sign-in page, and may even contain “accounts.google.com” in the browser’s address bar.

Once the user signs in, their account is immediately compromised. The attackers will log in to the user’s Gmail account and begin sending phishing messages to the email addresses in the address book, often using subject lines and attachment names that the user has sent in the past.

The TTU IT Division recommends the following steps to protect yourself from this attack:

  • Look for the lock icon on the browser’s status bar and make sure that “https” appears at the far left of the address bar. “https” indicates that the connection is secure and your information is encrypted. If you don’t see a lock icon or https://, then your connection is not secure and your information could be at risk;
  • Note: Some pages attempt to trick users by including https://accounts.google.com in the middle of the web address. Your connection is only secure if https:// is listed at the very beginning of the address.
  • Enable two-factor authentication for your Google account. This will help prevent outside sources from accessing your Gmail account;
  • Install, enable, and regularly update anti-malware/anti-virus software on your computers and devices;
  • Regularly update operating systems, application software, and mobile apps;
  • We encourage you to be vigilant in practicing cybersecurity, and invite you to learn more cybersecurity tips online at http://cybersecurity.ttu.edu. Additional information about this phishing scheme is available online at https://www.wordfence.com/blog/2017/01/gmail-phishing-data-uri. For more information or questions, please contact your local IT expert or an area IT consultant. Some area IT consultants are listed at http://cybersecurity.ttu.edu under “Additional Resources.” 
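
The address-bar check from the first two recommendations can be written as code. This is an added example, not part of the TTU release; it goes one step beyond the advisory's "begins with https://" rule by also requiring that the site's host is exactly accounts.google.com. The function name and every sample address are constructed for illustration.

```javascript
// Added example: classify an address-bar string using the advisory's check.
// EXPECTED_HOST is the hostname named in the advisory; all samples are constructed.
const EXPECTED_HOST = "accounts.google.com";

function checkSignInAddress(address) {
  // Judge the string exactly as displayed: https:// must be the very first thing.
  if (!address.toLowerCase().startsWith("https://")) {
    const hint = address.includes(EXPECTED_HOST)
      ? " (the Google hostname only appears later in the address)"
      : "";
    return { ok: false, reason: "address does not begin with https://" + hint };
  }
  let url;
  try {
    url = new URL(address);
  } catch (e) {
    return { ok: false, reason: "address cannot be parsed as a URL" };
  }
  // Text before an "@" is a username, not the site being visited.
  if (url.username || url.password) {
    return { ok: false, reason: "text before @ is not the site; real host is " + url.hostname };
  }
  // The host must match exactly; a longer name that starts with it is a different site.
  if (url.hostname !== EXPECTED_HOST) {
    return { ok: false, reason: "host is " + url.hostname + ", not " + EXPECTED_HOST };
  }
  return { ok: true, reason: "https and exact host match" };
}

// Constructed sample addresses (not taken from the campaign).
const samples = [
  "https://accounts.google.com/ServiceLogin?service=mail",
  "data:text/html,https://accounts.google.com/ServiceLogin?service=mail",
  "http://accounts.google.com/ServiceLogin",
  "https://accounts.google.com.login.example/ServiceLogin",
  "https://accounts.google.com@login.example/ServiceLogin",
];
for (const s of samples) {
  const r = checkSignInAddress(s);
  console.log((r.ok ? "OK     " : "REJECT ") + s + " -> " + r.reason);
}
```

Only the first sample passes. The others either do not begin with https:// or place the Google hostname somewhere other than the host position.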

The Lubbock ITAlert email distribution list is intended to provide critical IT security information for the Lubbock Community. The TTU Office of the CIO thanks the Lubbock Chamber of Commerce for helping to make this community initiative possible. We invite you to share this information with others, as appropriate.

The Cybersecurity Committee of the TTU IT Division has compiled useful information for you at http://www.cybersecurity.ttu.edu.

(News release from Texas Tech University)