Following the news about the Google phishing attack, IT security experts from McAfee and Plixer International comment below.
Raj Samani, Chief Scientist at McAfee:
“Phishing attacks remain the most common method of manipulating individuals into clicking on links and ultimately installing malicious content onto their systems. Taking advantage of trusted, well-known brands attempts to leverage the use of authority, resulting in the incoming messages appearing trusted to the consumer.
“People must be wary of unexpected emails, even if they are cited as being from a sender they know. Think twice before acting; go straight to the source through a different communication channel if you receive a link you were not expecting. Also, hover over a link to see if it is a reliable URL. Or search online for other instances of this campaign, and what those instances could tell you about the email’s legitimacy.”
Bob Noel, Director of Strategic Relationships and Marketing at Plixer International:
“This attack on the Gmail service was very stealthy, and likely resulted in the compromise of a significant number of Google login credentials. With these hacked login credentials, cybercriminals will launch further phishing attacks from the accounts that were compromised. It is likely that these subsequent attacks will phish for personally identifiable information (PII) with the intent to use it for identity theft on a massive scale. Google should correlate data of all accounts that connected to the bogus landing page, and force those accounts to reset their passwords. In addition, if Google were to release the IP address(es) of the server(s) that hosted the malware, it would allow corporations that are running network traffic analytics to verify whether anyone within their environment connected to the hacked landing pages.”