US Officials Hit By Gmail Phishing Attack

According to Google official blog phishing attack targeted “senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.” This is an old story time has changed but the aim of that attackers remain same.Phishing or fake page is a famous in which an attacker use some trick to get the credential information.

The attackers once again attack on US officials by using a phishing technique, however Gmail provides an extra security by the feature of 2-step verification. This time an attacker targeted to military and government employees and associates by using crafted email.

This attack is not similar with the normal phishing attack I mean that attacker did not provide any link or attachment of fake pages while they have used some tricks to make a user fool. They made the email look like a form for activating a subscription to a number of publications by The Center for a New American Security (CNAS), a Washington-based think tank.

When the victim has entered the confidential information, the information send to the server located in Houston, Texas, and the user redirected to the Gmail inbox. The attackers has not used any forwarding mechanism and than the account viewed by the attackers to check desired output.
Source: net-security.org

Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...