Off the wire
Sandstorms sweep through northern China  • Roundup: British construction sector maintains weak growth  • Interview: Australian businesses should link with China for Belt and Road opportunities: expert  • (BRF) China Focus: Laotian song "Belt and Road" popular on Internet  • LeBron scores 39, Cavaliers dominate Raptors 125-103 in Game 2  • Death toll rises to 35 in Iran coal mine explosion  • Myanmar sends nearly 150,000 migrant workers abroad in FY 2016-2017  • Preconceived bad effect of Mekong clearance should not affect survey work: expert  • U.S. researchers develop flexible, biodegradable semiconductor to reduce e-waste  • Former short track speed skater Wang Yang combines sporting experience and entrepreneurship  
You are here:   Home

Gmail users targeted by phishing attack

Xinhua, May 4, 2017 Adjust font size:

A phishing campaign targeting Gmail users took place Wednesday, prompting Google, the provider of the service, to disable what it called "offending accounts" that initiated the attack.

Like all phishing practices, the attack was carried out by sending an email to Gmail users, with the attacker pretending to be someone they may know. However, unlike other phishing practices, the email was posed as an invitation to join a Google Doc.

Once clicking the Google Doc link in the phishing email, the users were led to a page that goes to Google.com and then was requested to grant permission for the app that the attacker wrote to access users' Gmail account, thus exposing all of their emails and contacts.

In addition, the app would send emails on the users' behalf to other targets, Cooper Quintin, a staff technologist at the Electronic Frontier Foundation, was quoted as saying. And it works whether or not the user has changed password or has two-factor authentication enabled.

Google issued a statement, saying it has "disabled offending accounts" and "removed the fake pages," as its abuse team is working to "prevent this kind of spoofing from happening again."

There is no immediate report on how many Gmail users have been affected. Endi