Gmail Accounts Are Under Attack, and It's Fooling Even Security Professionals


It's a really bad time to be a Gmail user, and I wouldn't want to be Google either. There's a new type of phishing attack that uses a simple form of doxxing and is almost guaranteed to catch you off guard. It's going to let the attackers into your Gmail account, which means they're going to be able to get at your bank account information, and you know where that leads. You're also going to be an unsuspecting dupe in spreading their attack to all of your friends.

In today's Tech Sanity Check I explain exactly what's going on and the two ways you can protect yourself, unless you're the President of the US.

Related articles:

There’s a new Gmail phishing attack going around, and it’s fooling everyone

http://craigpeterson.com/news/theres-a-new-gmail-phishing-attack-going-around-and-its-fooling-everyone/11457

Samsung will blame the Galaxy Note 7’s battery when it releases its findings on Monday

http://craigpeterson.com/news/samsung-will-blame-the-galaxy-note-7s-battery-when-it-releases-its-findings-on-monday/11460

More stories and tech updates at:
www.craigpeterson.com

Don’t miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Transcript

TTWCP-DAILY-15_2017-01-20_ Gmail-Phishing-Attack

Below is a rush transcript of this segment, it might contain errors.

Airing date: 01/20/2017

Gmail Phishing Attack is Even Fooling Security Pros – How You Can Keep Yourself Safe


Craig Peterson: Hi, Craig Peterson here. Time for another Tech Sanity Check. And today we're going to talk about Gmail. A lot of people are really excited. Isn't Gmail wonderful? There's so much less spam, so much less nastiness going on from the malware community, from the hackers, from the phishers. Well, it turns out that there is a huge attack right now against Gmail users. And you know what, there's not much Google can do about this. It's even catching the pros. So we're going to talk about what it is, what you can do to avoid it. We'll turn you into a little bit of a pro here. Plus Samsung, hey, they had a little press conference this morning on Friday and they had a couple of things to say about why their Galaxy Note 7s were exploding and catching on fire. And yeah, you're right, yeah. No, you're right. Nothing to do with them, right? Don't blame us for exploding phones. We'll talk a little bit about that as well. A lot going on as usual, and we're getting ready for tomorrow's show, by the way, live on iHeartRadio, and also on a bunch of different terrestrial radio stations. Remember what those are? So make sure you tune in for that, and if you want to be on my insiders list to get a link to the live radio show as well as to be able to get some inside info, just text my name, Craig, to 855-385-5553. Well, let's get going. Lots to talk about today.


(TTWCP EARWORM)


Well, let's start talking about this whole Gmail thing because it's huge. We've seen phishing attacks against multiple clients of ours multiple times. And for those who aren't really aware, here's what phishing is. Phishing is where someone goes ahead and sends something to you to try and get you to respond. Now it usually contains some sort of personal information, some stuff that's going to make you think that these are good friends of yours, or maybe they know you a little bit better than, obviously, they really do. And phishing and doxxing tie in pretty tightly together. And we'll have to talk about doxxing in one of the dailies. We've talked about it a lot on some of the weekend shows because it's been very effective. I spoke with the FBI just a couple of weeks ago and they were saying that, in fact, one case of phishing and doxxing ended up costing the company 43 million dollars. Now isn't that a nice way to make a quick profit, you know. Better than robbing banks.


So how do you get affected? Well, most of us already know what documents to open and what not to open. It gets very, very confusing. I get it. I understand. But you know, by now most of us know if there are a lot of misspellings in it, if the grammar's bad, if it's from someone we don't know, just don't open it. If you can avoid it, definitely don't open attachments. Don't open those zip files. You know that thing, that email from the Better Business Bureau, is almost certainly not from the Better Business Bureau. And if you open it up and there's a zip file attached, don't open the zip file. Don't open the PDF. Our friends at Adobe have just had tons and tons of security vulnerabilities. It's very, very annoying. And we've had some calls from some of our clients here where we have software that keeps our machines up to date, keeps all of our software, including the Adobe software, up to date. And if they cancel that daily update, you know, where they don't log out so some of the stuff doesn't happen, eventually Adobe stops supporting the software. Well, once a piece of software is no longer being supported, they're no longer providing security updates, and that's when the bad guys go really crazy with their zero-day attacks. At that point what happens is the bad guys say, wait a minute now, Adobe is no longer supporting this version of whatever it might be, whether it's their Photoshop or, more commonly, Acrobat, which is their PDF reader, or they also have some professional software. So since they're no longer supporting this particular version, we know about some vulnerabilities here that we've never used, and now's the time to use them, because Adobe's not going to patch their software. No one's going to get an update. No one's going to get a patch for that software. That's a really big deal. So now they release their zero-day exploits.


So there is no defense against them and they spread like wildfire out there. It's a real big problem. So what we do with our clients is we have special software on their machines that makes sure they're not running any major pieces of software that are no longer supported, that we can't get security patches for. And if they are, because they have continually said no, don't install, we don't want an upgrade, I'm busy, don't do it, then we just disable the software. We completely turn it off. In fact, many times we completely remove it from their system. And they call us up and say, why did you do that? What's going on? I can't run Acrobat Reader anymore. And of course the problem is they didn't let us do the maintenance we wanted to do. So now they have to wait for us to manually go in, reinstall the latest versions, supported versions anyway, of the software and make that all work. Because why? Because there are hackers. Because they're going after it. And they'll send you an email that has a PDF attachment, and you're used to getting PDFs, and you'll open the PDF, and they're using exploits that there are no fixes for, and will never be fixes for, because in this case Adobe has decided they're not going to do any more security updates for it, because they've had newer versions available for free for a long time, right?


So that's what they're doing; that's how a lot of the phishing works. They send you the email. It looks like it's from a friend. Maybe it doesn't. But it's got some personal information, so you kind of trust it.


Let's talk about this whole Gmail thing. What's happening in Gmail right now? Well, Google, of course, is kind of a trusted provider of email services. They've got a lot of features. They've got a lot of cool stuff. And one of the nice things about it is you don't have to run it. You don't have a server that you have to have in your business. And they are taking care of a lot of the spam problems. They take care of a lot of the hacker problems. But here's what's happening right now. The bad guys have compromised some Google Gmail accounts. Regular accounts. And they started with a few; that's all they needed, because they went into those accounts and they looked through the history. Who have these accounts been in contact with? Who have they sent emails to? And what emails have they sent? Which attachments have they sent to people? And then what they'll do is they'll use that account to send an attachment to someone else. Now this attachment is very, very well crafted. It's really quite clever the way they did it. We've said if all the bad guys used their smartness here for good, we would be a whole lot better off. But now that third party gets the email and it looks like it's from their friend Joe. And it's got a subject line that Joe would use. In fact, they got the subject line from Joe's sent mail folder. So it's got a subject line that looks legit. We know it's Joe. And we know he uses this email account at Gmail. Or, you know, remember Google also hosts other domains for businesses. So it might not even say it's from Gmail. It might actually say it's from company X, right? That's entirely possible.


So you get that email, it looks legitimate, and Joe sent you the spreadsheet last week, and now he's sending you an email that says he got an update to that spreadsheet. You look at the attachment link. Sure enough, it looks just like the email you had last week. It's got a picture of the spreadsheet, a screenshot of the spreadsheet, on it. But you know, how could it be more legit than that? So you click on that picture to open up the spreadsheet, and what happens? Well, now Gmail's asking you to log in again. Aww, freaking Gmail, and so what do you do now? It's definitely Google. It says Google. The link says Google. All of it's Google. We know it's Google. So then what happens? Okay, we know it's Google. Guess what, it isn't really Google. It's really them. And sorry about that. That was my phone. Someone's calling me as we're recording. It's really them. You've entered your information, so you logged into Google. And now they've got you, and they'll redirect you so you're back at Google. Everything looks fine, because in reality you've always been logged into that Google Gmail account, right? You never logged out, and you're back on your normal way.


But what happens almost immediately now, remember, they have control of your account. So they're going to go into your account and they're going to do the same thing. They're going to look for people you had previously been sending emails to. What have you been sending? What are your normal subject lines? What do they look like? And they are now going to send emails to your friends, your business contacts, using your Gmail account that they've compromised, making them look legitimate, because you are friends. Even some of the pros, as I mentioned when we first started the show today, even some of the pros are going to open that particular attachment, right? At least they're going to try to. And they're going to fall prey to this scam as well. Really big scam, and there is a way around this. There's something you can do.


By the way, if you missed that phone number at the beginning, if you text your email address to me I'll put you on my email list and I'll put you on my insiders list as well. So I send one or two texts a week, it isn't a whole lot, but you'll know about my live show when it's occurring. You can listen to it on the iHeartRadio app. Or you can listen to it over terrestrial radio if you're up here in Northern New England on Saturday. And we're also trying to keep up to date on a few things. I have some giveaways that we're working on. But the only way you're going to find out is if you open up your texting app right now and you send me a text to 855-385-5553. And I'll keep you updated. I'll let you know about the goings-on. And like today, what we're talking about, I'll send that information to you as well. Very important information. And by the way, we're compiling some of these things and we're putting them into... we're trying to figure out the format. Is it better in a book-type e-book? Or is it better as maybe some sort of an app? You know, and almost kind of integrate artificial intelligence. But anyway, what's the best way to do that?


So how do you protect yourself from this type of Gmail hack? Well, it's actually fairly simple. Now if you're the President of the United States, and congratulations, new President, right? So if you were the President of the United States, what's one of the first things they do? Well, they took Donald Trump's Android phone away from him. Now remember, eight years ago they tried to take Obama's BlackBerry away from him and he said no, no, no, no. He put up a fuss. He threw a fit. He had a tantrum, whatever it was he did. He said there's no way. And of course the Secret Service is saying you cannot use a BlackBerry. And I'm glad they did, by the way, because it turns out that the intelligence communities have had [??] for decrypting BlackBerry now for at least a decade. So they've been able to read any emails, any communications over BlackBerry. It is not, was not, never was as secure as people thought. But anyway, Obama insisted that he continue to use his BlackBerry. So the taxpayers spent millions of dollars to try and secure his BlackBerry device so he could use it, which is absolutely insane. Talk about arrogance. So what happened this morning? Trump surrendered his Android tweeting device and the Secret Service gave him a very secure device that he can use, with a new phone number and everything. So that's all goodness.


So if you're the President of the United States they can kind of work around this. And there are ways to work around this. It is absolutely not foolproof. But if you're not, if you're Joe Average, Joe Regular, they're probably not going to hack you. They're not going to bother with all the effort involved if you do this, and that is use two-factor authentication. Use it on Gmail. Use it on everything. Everywhere it's offered, okay?


So here's what'll happen. If you try and log into Gmail on a new computer, it's going to send you a text message. You respond to that text message, or, in most cases, you use the secret code they sent you to authorize this new computer you just signed in on, right? Makes a whole lot of sense. So turn on the two-factor authentication. Have them send you a text, so if the bad guys try and log in, if you fall prey to this scam that's spreading like wildfire, you will be okay, because they won't be able to log in, because they won't have that secret code as they try and get in from wherever it is in the world they're really trying to get in from. Now Google also is going to send you an email if you log in from a new computer, just as a reminder. Don't send it to your rescue account. So you might notice that, you might not. You know, with the volume of email everybody gets, it's really hard to say.


You know, sorry we can't get to that Samsung story today. Their press announcement this morning. The whole press conference. We'll try to get to that another day. But bottom line, Samsung's not going to take the blame on Monday when the report comes out. Their internal report, where they examined everything and found out that it wasn't their fault. Wow. So maybe we'll get to that Monday. Have a great day. Make sure you subscribe and keep up on everything here: http://CraigPeterson.com/itunes. That'll get you the daily podcasts as well as podcast copies of the weekend show after it airs. Have a great day. Take care, and thanks for listening. I really, really appreciate it. It's a whole lot of fun. Bye for now.
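Editor's note, added to this page and not part of the show or its transcript: the segment's point is that the fake sign-in page "says Google" and "the link says Google", which is exactly the check that fails. The example below shows what a practitioner would check instead: that the link is https and that its hostname, after the URL is properly parsed, is exactly a trusted Google sign-in host. It goes beyond the episode by also rejecting the common ways a link can "say Google" without going there: a non-https scheme (including data: URLs that embed the word google in their body), a userinfo trick such as https://accounts.google.com@other-host/, a lookalike host such as accounts.google.com.other-host, and punycode hosts. The trusted host list and all sample links are assumptions constructed for this example; a hosted (business) domain's SSO page would need its own entry.

```python
from urllib.parse import urlsplit

# Assumption for this example: the only host a Gmail login prompt should ever
# land on. Hosted business domains with their own SSO would need to be added.
TRUSTED_LOGIN_HOSTS = {"accounts.google.com"}


def is_trusted_google_login(url: str) -> bool:
    """True only if url is https and its parsed hostname is a trusted login host.

    Substring matching ("google" in url) is deliberately not used: the hostname
    is taken from urlsplit(), which lowercases it and strips any userinfo and
    port, so "https://accounts.google.com@other-host/" resolves to other-host.
    """
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return False  # malformed URL (e.g. bad IPv6 literal): never trusted
    if parts.scheme.lower() != "https":
        return False  # http:, data:, javascript: etc. are never a real login
    host = parts.hostname
    if host is None:
        return False  # no authority at all (typical for data: URLs)
    if "xn--" in host:
        return False  # punycode/IDN lookalike hosts are not trusted for login
    return host in TRUSTED_LOGIN_HOSTS


def triage_links(links):
    """Classify each link as 'trusted' or 'suspect'. Returns a dict url -> label."""
    return {u: ("trusted" if is_trusted_google_login(u) else "suspect") for u in links}


# Constructed sample links, modelled on what a phishing email might carry.
SAMPLE_LINKS = [
    "https://accounts.google.com/ServiceLogin?service=mail",       # genuine
    "HTTPS://ACCOUNTS.GOOGLE.COM/ServiceLogin",                    # genuine, odd case
    "http://accounts.google.com/ServiceLogin",                     # plaintext: suspect
    "data:text/html,https://accounts.google.com/ServiceLogin",     # data: URL: suspect
    "https://accounts.google.com@login-verify.example/ServiceLogin",  # userinfo trick
    "https://accounts.google.com.login-verify.example/ServiceLogin",  # lookalike host
    "https://xn--ggle-0nda.com/ServiceLogin",                      # punycode host
]

if __name__ == "__main__":
    for url, label in triage_links(SAMPLE_LINKS).items():
        print(f"{label:8} {url}")
```

Hovering over a link and reading it by eye is what the scam defeats; the value of parsing it is that the browser's own hostname rules, not the reader's impression of the string, decide where a click will go. This is a check on the link, not on the page that loads afterwards, so it complements rather than replaces the two-factor advice in the segment.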

