Results 1 to 6 of 6

Thread: Gmail phishing attack making the rounds, looks to be very effective at lookign legitimate

  1. #1
    Stocking Anarchy's Avatar
    Join Date
    May 2016
    Posts
    1,377
    Userbars
    11
    Thanks
    929
    Thanked 1,623 Times in 650 Posts
    Downloads
    182
    Uploads
    0
    Mentioned
    144 Post(s)
    Time Online
    47 d 8 h 50 m
    Avg. Time Online
    35 m
    Rep Power
    9

    Gmail phishing attack making the rounds, looks to be very effective at lookign legitimate

    If I am reading this correctly it is an old phishing attack that is making the rounds. I haven't heard of it before and the pages it produces look very legitimate.

    Some awesome info learned from the article was how to check if someone else has been accessing your gmail account.

    If you use GMail, you can check your login activity to find out of someone else is signing into your account. Visit https://support.google.com/mail/answer/45938?hl=en for info. To use this feature, scroll to the bottom of your inbox and click ďDetailsĒ (very small in the far lower right hand corner of the screen). This will show you all currently active sessions as well as your recent login history. If you see active logins from unknown sources, you can force close them. If you see any logins in your history from places you donít know, you may have been hacked. [Thanks Ken, I pasted your comment in here almost verbatim. Very helpful.]
    https://www.wordfence.com/blog/2017/...hing-data-uri/

  2. #2

    Salivating Slorg's Avatar
    Join Date
    Aug 2015
    Posts
    197
    Userbars
    3
    Thanks
    119
    Thanked 189 Times in 88 Posts
    Downloads
    19
    Uploads
    0
    Mentioned
    16 Post(s)
    Time Online
    25 d 11 h 8 m
    Avg. Time Online
    16 m
    Rep Power
    7
    Enabling 2-step verification protects against this since I get a text / email any time I log in from a new location.

  3. The Following User Says Thank You to Salivating Slorg For This Useful Post:

    Stocking Anarchy (01-13-2017)

  4. #3
    Aura's Avatar
    Join Date
    Apr 2014
    Posts
    2,999
    Userbars
    22
    Thanks
    4,548
    Thanked 4,743 Times in 2,039 Posts
    Downloads
    64
    Uploads
    0
    Mentioned
    934 Post(s)
    Time Online
    291 d 16 h 10 m
    Avg. Time Online
    2 h 35 m
    Rep Power
    15
    Yeah, enabling 2FA is the most effective. It should be the standard for all sites now, good thing a lot of sites are implementing it.

  5. #4

    Join Date
    Jan 2017
    Posts
    47
    Userbars
    0
    Thanks
    2
    Thanked 10 Times in 8 Posts
    Downloads
    8
    Uploads
    0
    Mentioned
    0 Post(s)
    Time Online
    17 h 11 m
    Avg. Time Online
    N/A
    Rep Power
    5
    Thankfully, a lot of sites are implementing it, but worryingly enough, a lot of major sites don't look like they have 2FA planned in the near future(Facebook, Twitter, Reddit, etc.)

  6. #5
    Aura's Avatar
    Join Date
    Apr 2014
    Posts
    2,999
    Userbars
    22
    Thanks
    4,548
    Thanked 4,743 Times in 2,039 Posts
    Downloads
    64
    Uploads
    0
    Mentioned
    934 Post(s)
    Time Online
    291 d 16 h 10 m
    Avg. Time Online
    2 h 35 m
    Rep Power
    15
    Quote Originally Posted by godofred View Post
    Thankfully, a lot of sites are implementing it, but worryingly enough, a lot of major sites don't look like they have 2FA planned in the near future(Facebook, Twitter, Reddit, etc.)
    Yeah, I really think Skype should get it as well. It's a huge target for people trying to crack into their accounts, so I don't know why they don't do it.

  7. #6

    Join Date
    Jan 2017
    Posts
    47
    Userbars
    0
    Thanks
    2
    Thanked 10 Times in 8 Posts
    Downloads
    8
    Uploads
    0
    Mentioned
    0 Post(s)
    Time Online
    17 h 11 m
    Avg. Time Online
    N/A
    Rep Power
    5
    Quote Originally Posted by Aura View Post
    Yeah, I really think Skype should get it as well. It's a huge target for people trying to crack into their accounts, so I don't know why they don't do it.
    I kinda understand it from an implementation perspective. It would cost more to actually implement 2FA(even if it's optional) than to just continue with what they're currently doing. "If it ain't broke, don't fix it" philosophy. Even with concerns about security, most big sites would rather put the burden of account security on the users instead of trying to make things safer through their own means.

  8. The Following User Says Thank You to godofred For This Useful Post:

    Aura (01-13-2017)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •