How Gmail Phishing Emails Bypass Filters and How To Detect Them

Gmail phishing email example with a link and the ‘from’ account is suspicious


Although spam is something we are faced with every day, it should be taken very seriously. There is no strict law against spam, and most prominent spammers are only caught for wire fraud or other financial crimes and not for spam emails. The only real solution is spam filters.

While Gmail has pretty advanced spam filters, they are not perfect. From time to time, spammers find their way through the filters and get the opportunity to distribute their phishing emails. As a Gmail customer, you need to know how to identify and handle these emails when they pass through the filters.

This is also becoming increasingly difficult as spammers advance their phishing techniques. Some of the latest Gmail phishing is so advanced that it even appears to come from legitimate domains, and even the email code is disguised to look legitimate and bypass Gmail filters.

How do these spammers get past Gmail filters?

The purpose of phishing emails is to collect your data: email addresses that spammers can sell, credit card information, or personal information for identity theft. Some also carry links that distribute malware and ransomware. Gmail adapts its filters frequently and quickly once these threats are identified. However, it is difficult to trace the source, as these spammers never use the same email account for more than a week.

In recent weeks, there has been a notable increase in spam that bypassed the Gmail filter, according to Sergio De Los Santos, Director of Innovation and Cybersecurity Laboratory at Telefónica Digital. These latest phishing attacks appear as emails related to packages waiting to be delivered.


The email header for these phishing emails will show something like: ‘Received: from http://parmaxiz.org.uk (127.0.0.1)’. This makes it appear that the email originated from a legitimate domain. These domains can target real companies like Microsoft, Netflix, and more to make them appear legitimate.

Upon inspection, all of these domains were created fairly recently. They all contain a mailing list record with a single form field and an unsubscribe button, and they cleverly encourage you to submit a request rather than enter your email address. This way, they all look real. However, by interacting with any of these options, you are telling the spammer that your email address is active, or you are giving them more information (including your email address) by completing the ‘request’, as these forms collect email addresses even if you don’t enter one.

In the body of the email, they always include information that seems legitimate. The text is usually in English and will contain purchase confirmations or password reminders; however, this is usually hidden in HTML code (Base64 code). This code is organized so that the reader cannot see it. Still, it is enough to fool Gmail filters.

The Base64 code serves no purpose except to fool Gmail filters. So what will readers actually see in the body of the email? What we see when we open the phishing email is a PNG file. This PNG file is repeated across various websites, and the copies look a lot like each other.

Once you click on the email, you will be directed to a very smart bot. This bot will interact with you in your local language and inform you that it has a package in its offices. It will even provide you with an image and other details to make the story convincing. It will go on to tell you that the delivery address is unclear, and ask you to provide the correct information and pay the shipping fees. And so they have you.


How to identify a Gmail phishing email example?

There are a few different ways to identify potential phishing emails. The first thing to check is the address the email was sent from. In some cases, it can be fairly easy to spot a spam or phishing email, as the sender’s address may not match the company they are trying to spoof. However, in some of these more recent attacks, the email address appears to be from a legitimate domain.

Another example of a Gmail spoof email is an email that includes a clickable link or button that redirects you to a suspicious page. How do you know it’s suspicious? Look at the address in the link. In many cases, the address will not be the legitimate domain of the company being impersonated.


If you receive an email regarding a package, such as the current attacks taking place, you may find it challenging to see if the email is a phishing attempt. However, if you haven’t ordered any packages and you know that no one has shipped any to you, you have reason to be suspicious. If you have any coding knowledge, you can look at the HTML of the email to see if the Base64 code matches the content of the email body. Alternatively, you can contact the company listed in the email directly, without using any contact details from the email, and check with them directly.
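The checks described in this section can be scripted against the raw message (Gmail's "Show original" view). The following is an added example, not code from the article: it decodes the Base64 HTML part, separates text a reader would see from text hidden by styling, notes whether the visible body is only an image, flags a Received hop like the one quoted earlier, and lists link hosts outside the sender's domain. The sample message, the `shipping.example` and `tracking.example.net` names, and the rule that links should stay on the From domain are assumptions made for illustration.

```python
import base64, email, re
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

HIDING = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden|font-size\s*:\s*0", re.I)
LOOPBACK = re.compile(r"from\s+\S+\s+\(\[?127\.0\.0\.1\]?\)")
VOID = {"img", "br", "hr", "meta", "link", "input"}  # tags with no closing tag

class BodyAudit(HTMLParser):
    """Separate rendered text from text inside elements styled to be invisible."""
    def __init__(self):
        super().__init__()
        self.stack, self.visible, self.hidden = [], [], []
        self.images, self.link_hosts = 0, set()
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        self.images += tag == "img"
        if tag == "a" and a.get("href"):
            self.link_hosts.add(urlparse(a["href"]).hostname)
        if tag not in VOID:  # remember whether this element hides its children
            self.stack.append(bool(HIDING.search(a.get("style") or "")))
    def handle_endtag(self, tag):
        if tag not in VOID and self.stack:
            self.stack.pop()
    def handle_data(self, data):
        if data.strip():
            (self.hidden if any(self.stack) else self.visible).append(data.strip())

def audit(raw: bytes) -> dict:
    msg = email.message_from_bytes(raw, policy=policy.default)
    sender = msg["From"].addresses[0].domain.lower()  # assumption: links stay on this domain
    body, p = msg.get_body(preferencelist=("html",)), BodyAudit()
    if body is not None:
        p.feed(body.get_content())  # get_content() undoes the Base64 transfer encoding
        p.close()
    return {
        "received_loopback": any(LOOPBACK.search(h) for h in msg.get_all("Received", [])),
        "hidden_text": " ".join(p.hidden),
        "image_only": p.images > 0 and not p.visible,
        "offsite_links": sorted(h for h in p.link_hosts if h and not ("." + h).endswith("." + sender)),
    }

# Constructed sample; only the Received line is the one quoted in the article.
HTML = ('<html><body><div style="display:none">Order confirmation. Password reminder.</div>'
        '<a href="http://tracking.example.net/p"><img src="cid:parcel.png"></a></body></html>')
SAMPLE = (b"Received: from http://parmaxiz.org.uk (127.0.0.1)\r\n"
          b"From: Parcel Desk <notice@shipping.example>\r\nContent-Type: text/html; charset=utf-8\r\n"
          b"Content-Transfer-Encoding: base64\r\n\r\n" + base64.encodebytes(HTML.encode()))
```

Calling `audit(SAMPLE)` returns the four findings as a dictionary. Local mail filters also record loopback hops, so `received_loopback` is a signal to weigh with the others rather than a verdict on its own.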

How to report phishing attempts in Gmail?

Although Gmail filters are quite advanced when it comes to blocking spam and phishing attacks, spammers evolve and are always looking for ways to bypass the filters. The recent spike is an example: spammers trick the filters by making it look like emails originate from a specific domain and by getting creative with Base64 code. Google’s best response is to adjust the filters to accommodate these new threats, and it can only do this if the problem is flagged. This is why it is so important to report phishing emails as quickly as possible.


If you report phishing, Gmail can start working on rules to block these types of harmful emails. Google has also made it very easy to report any email you find suspicious, and you can do this directly from your Gmail account. Just open the suspicious email from your Gmail inbox. You then click on the three vertical dots to open more options. From the drop-down list, choose to report the message as spoofing.


Closing words

Phishing emails have been around for as long as they’ve been. The best defense is Gmail filters and knowing how to identify potential phishing attacks. If you see suspicious emails, be sure to report them so Google can start working on solutions to block these attempts. The latest attacks appear to be coming from legitimate domains, and even the body of the email looks real. They also come on the premise of a package that is in your office and needs to be delivered to you. Be careful and make sure the email is 100% real before revealing any of your details.
