A sophisticated new phishing technique that composes convincing emails by analysing and mimicking past messages and attachments has been discovered by security experts, the Independent reports.
Discovered by Mark Maunder, CEO of the WordPress security plugin Wordfence, the attack begins with the hacker sending an email that appears to contain a PDF attachment with a familiar file name.
That PDF, however, is actually a cleverly disguised image that, when clicked, launches a new tab that looks identical to the Gmail sign-in page.
Unfortunately, the attack’s imitation of the Gmail sign-in page is so convincing that many users will enter their login details without a second thought, surrendering them to the hackers, who can then steal the victim’s data and reuse one of the victim’s past messages to compromise another round of Gmail users.
In an example described by a commenter on Hacker News, the hackers emailed a link disguised as an athletics practice schedule from one member of the team to the others.
“The attackers log in to your account immediately once they get the credentials, and they use one of your actual attachments, along with one of your actual subject lines, and send it to people in your contact list,” added the commenter.
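A defender-side triage heuristic for the mechanism described above, written here as an added example (it is not code from the report, from Wordfence or from the commenter): it parses an email's HTML body and flags images labelled like document attachments that are wrapped in a link leading away from a trusted host. The trusted-host list and the sample message are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# File-name suffixes that make a clickable image look like an attachment.
DOC_HINTS = (".pdf", ".doc", ".docx", ".xls", ".xlsx")


class FakeAttachmentScanner(HTMLParser):
    """Flag <a href=...> elements that wrap an <img> dressed up as a document
    (file-name-like alt/title/src) but whose link leaves the trusted hosts."""

    def __init__(self, trusted_hosts):
        super().__init__()
        self.trusted_hosts = {h.lower() for h in trusted_hosts}
        self._open_href = None   # href of the <a> we are currently inside
        self.findings = []       # (image label, link target) pairs

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a":
            self._open_href = a.get("href") or ""
        elif tag == "img" and self._open_href is not None:
            label = (a.get("alt") or a.get("title") or a.get("src") or "").strip()
            if any(label.lower().endswith(h) for h in DOC_HINTS):
                target = urlparse(self._open_href)
                # A non-web scheme has no host to trust; anything else must match.
                if target.scheme.lower() not in ("http", "https") \
                        or target.netloc.lower() not in self.trusted_hosts:
                    self.findings.append((label, self._open_href))

    def handle_endtag(self, tag):
        if tag == "a":
            self._open_href = None


def scan_email_html(body, trusted_hosts=("mail.google.com", "drive.google.com")):
    """Return the suspicious (label, href) pairs found in an HTML email body."""
    scanner = FakeAttachmentScanner(trusted_hosts)
    scanner.feed(body)
    return scanner.findings


# Constructed sample: one image posing as a schedule PDF that links off-domain,
# one genuine-looking preview linking to a trusted host, one harmless logo.
SAMPLE_BODY = """
<p>Hi team, here is this week's practice schedule.</p>
<a href="https://login-lookalike.invalid/signin"><img src="cid:preview1" alt="practice_schedule.pdf"></a>
<a href="https://drive.google.com/file/d/xyz"><img src="cid:thumb" alt="roster.pdf"></a>
<a href="https://example.test/"><img src="cid:logo" alt="Team logo"></a>
"""

if __name__ == "__main__":
    for label, href in scan_email_html(SAMPLE_BODY):
        print(f"suspicious attachment-lookalike: {label!r} -> {href}")
```

The heuristic only narrows triage; a sender-side filter should still treat any clickable image that opens a sign-in page as worth a closer look.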