Wordfence, which makes a security plugin for WordPress, discovered a phishing technique targeting Gmail users that starts with an email sent to the target user's account that sends them to a fake login page designed to look like Google's. What are the indicators users can look for to confirm that a webpage is legitimate? Are there any tools or add-ons that can prevent these sorts of phishing techniques and attacks?
Phishing attacks continue to be among the most effective ways to compromise an enterprise.
Wordfence blogged about this phishing technique from early 2017 that targeted a confusing user interface issue in Chrome web browsers, which could make a webpage appear to be Google's login page (the address bar featured accounts.google.com, leading users to believe it was authentic). Google has since addressed the issue.
Sometimes, the standard advice sounds trite, but may still be the only advice upon which we can reasonably agree. There are varying views in the security community about the value of security awareness and its effectiveness versus focusing efforts on using the company's budget for security tools. People continue to be victimized by phishing techniques, and as a security community, we need to make significant improvements to better protect people, along with reducing the cost incurred by enterprises from compromised accounts. The guidance Wordfence released about how to identify phishing techniques and fraudulent webpages is good, but we need to do more.
For this specific Gmail phishing attack, a data URL that includes a file is opened in a new tab and displayed in the location bar. Google released a Chrome web browser update that now displays a "Not secure" message in the location bar whenever a data URL is displayed.
There are endpoint and network-based tools and cloud services that can help address phishing. Many web browsers and endpoint security tools already include some level of protection against phishing techniques. The Anti-Phishing Working Group has a lengthy sponsored tool list that includes many different classes of tools, ranging from attack detection to email filtering.
As part of your incident response process for phishing attacks, you could perform a root cause analysis to determine what security controls need to be improved to minimize the impact of a future phishing incident, and then find tools in that category to complement existing tools.
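A mail or proxy filter can flag the data URL behaviour described in the answer above before a user ever sees the location bar. The following Python code is an added example, not code from Wordfence, Google or the original answer; the `TRUSTED_HOSTS` list, the verdict strings and the sample HTML are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import unquote

# Assumption: hosts whose appearance inside a data URL should raise severity.
TRUSTED_HOSTS = ("accounts.google.com",)
# Attributes that can navigate the top-level page (what the location bar shows).
NAV_ATTRS = {"href", "action", "formaction"}
C0_AND_SPACE = "".join(map(chr, range(0x21)))

def normalize(url):
    """Mimic browser URL cleanup: trim C0/space, drop tab and newlines."""
    return re.sub(r"[\t\n\r]", "", url.strip(C0_AND_SPACE))

def classify_url(url):
    """Return 'ok', 'data-url' or 'data-url-shows-trusted-host'."""
    norm = normalize(url)
    if not norm.lower().startswith("data:"):
        return "ok"
    # Inspect the visible URL text, since that is what the user reads.
    shown = unquote(norm).lower()
    if any(host in shown for host in TRUSTED_HOSTS):
        return "data-url-shows-trusted-host"
    return "data-url"

class NavLinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.urls = []
    def handle_starttag(self, tag, attrs):
        # HTMLParser has already decoded character references in the values.
        self.urls += [v for k, v in attrs if k in NAV_ATTRS and v]

def scan_email_html(html):
    """Return (verdict, url prefix) for every non-'ok' navigation target."""
    collector = NavLinkCollector()
    collector.feed(html)
    verdicts = [(classify_url(u), normalize(u)[:40]) for u in collector.urls]
    return [v for v in verdicts if v[0] != "ok"]

# Constructed sample body; PLACEHOLDER stands in for any payload.
SAMPLE_HTML = """
<a href="https://accounts.google.com/">legitimate link</a>
<a href=" DaTa:text/html,https://accounts.google.com/ServiceLogin PLACEHOLDER">open</a>
<a href="data:text/html,PLACEHOLDER">view</a>
<img src="data:image/png;base64,PLACEHOLDER">
"""

if __name__ == "__main__":
    print(scan_email_html(SAMPLE_HTML))
```

Inline images (`src`) are deliberately not collected, since they never reach the location bar; only navigation targets are scored.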