A series of phishing attacks aimed at stealing Gmail and Yahoo user login information is on the rise. I believe that the attacks were part of a larger campaign aimed at stealing user data and compromising computer systems.
If the users enter the login details on such phishing links, then the information gets transferred to the attackers. With the information in hand, the attackers can log on to the user’s account to change certain settings that allow them to monitor all outgoing mail. The Gmail attackers entered the email address that they control under the “forwarding and delegation settings” which allows them to send and receive email messages without ever having to log back into the accounts.
Our team came across a few such links which are carrying out the phishing attacks on Gmail and Yahoo mail.
On further analysis of the phishing link “http: //consciousliving.me/gmail.html.” we noticed that the domain ‘consciousliving.me’ is specially being using for carrying out the phishing attacks.
This domain also has many other phishing pages related to Gmail, Yahoo, Facebook etc. Attackers may also be updating this domain for more phishing pages to carry out their attacks over other online services.
Quick Heal takes care of such attacks and blocks such phishing pages in order to protect its users.