This Gmail Phishing Attack Is Fooling Even Savvy Users
Whoever is behind this campaign is either employing a team that’s ready to pounce on newly-compromised accounts or their code includes some fairly sophisticated automation features. As soon as a victim submits a password, the criminals log in to the victim’s Gmail account.
Once they’re in, they start gathering information to launch secondary attacks. They’re after a couple things. First, they’ll look for an attachment that the victim has previously sent to his or her contacts and a relevant subject line from an actual sent email. Then they’ll start gathering up contact email addresses. – READ MORE