Gmail users have been warned against a new phishing scam campaign called "bait attack," which is now targeting people using the email service of Google.
SYDNEY, AUSTRALIA - APRIL 09: Phoenix Crawford does school work on a laptop while his mum Donna Eddy replies to client emails on April 09, 2020 in Sydney, Australia. Massage therapist and acupuncturist Donna Eddy is able to continue running her business from home as a clinical practitioner after the Federal and State governments implemented tough restrictions and the closure of non-essential business due to COVID-19.
Gmail Users Warned Against New Phishing Scam
As such, billions of Gmail users are susceptible to being hit by the two-stage strike phishing attack, according to the report by The Sun.
It comes as the United States security firm called Barracuda Networks spotted the new phishing scam method that has seen more popularity among cyber attackers.
One of the researchers of the security company revealed that out of the total 10,500 organizations that participated in their survey, more than 35 percent of the groups have once experienced a "bait attack," at least as of September.
It is worth noting as well that the attackers are not only focusing on the users of Google's email service.
In fact, the security firm that unearthed the "bait attack" scam further warned that the rising attacks also include Yahoo and Microsoft's Hotmail.
'Bait Attack' and Gmail
As per the report by Bleeping Computer, there is a phenomenal rise in bait attacks online, which are being distributed mostly via Gmail accounts.
Gmail users are now being warned against a new phishing scam campaign flooding the email service called “bait attack.”
Related Article: Google Chrome Users Urged to Update Again! Four High-Level Vulnerabilities Exist, Tech Giant Warns
According to the data of Barracuda, over 90% of the bait attacks are being deployed by using a new Gmail account. As such, only 9% of the threat actors are using other email clients, including Yahoo.
Meanwhile, Barracuda further learned that "bait attack" scammers usually pretend to be anti-virus software firms, namely LifeLock and Norton.
Read Also: Secure Your Gmail Account Now Before Hackers Take Over Your Accounts! Here's How to Do It!
New Phishing Scam 'Bait Attack:' How it Works
With all that said, here's how the new phishing scam targets and attacks its victims.
"Bait attacks," as mentioned, is a two-step strike attack, which means that the scammers will begin by gathering information from their target before it goes with the actual attack.
In most instances, "bait attackers" start by sending an empty email with a subject text that only read "Hi."
The attackers send these kinds of seemingly useless emails to gather vital information for the attack, including the activeness of the email and vulnerability of the target to open such messages.
On top of that, the attackers could also know more details regarding the auto-spam settings of the user by simply sending the empty email.
After which, the attackers will then send the phishing email pretending to be a security firm to fool their target.
Barracuda suggested that artificial intelligence should be deployed to stop the proliferation of the new phishing scam.
This article is owned by Tech Times
Written by Teejay Boris
