A series of phishing attacks aimed at stealing Gmail and Yahoo user login information is on the rise. I believe that the attacks are part of a larger campaign aimed at stealing user data and compromising computer systems.
If the users enter their login details on such phishing links, then the information gets transferred to the attackers. With the information in hand, the attacker can log in to the account and change certain settings that allow them to monitor all outgoing mail. The Gmail attackers enter the email address that they control under the “forwarding and delegation settings” which allows them to send and receive email messages without having to ever log back into the accounts.
Our team came across a few links which carry out the phishing attacks on Gmail and Yahoo Mail.
On further analysis of the phishing link “hxxp://consciousliving.me/gmail.html” we noticed that the domain ‘consciousliving.me’ is specially being used for carrying out these phishing attacks.
This domain also has many other phishing pages related to Gmail, Yahoo, Facebook etc. Attackers may also update this domain to create more fake phishing pages in order to carry out more attacks on other online services.
Quick Heal takes care of such attacks and blocks such phishing pages and protects its users.