
Everyone Is Falling for This Frighteningly Effective Gmail Scam - gits1225
http://fortune.com/2017/01/18/google-gmail-scam-phishing/
======
kogepathic
So I'm assuming that the image is a hyperlink, and that this link contains the
"data:text/html" webpage designed to trick users.

So couldn't Google flag emails which have links to "data:text/html" as
suspicious?

Even if it came from a known contact, I can't imagine normal people emailing
around links with "data:text/html" as the link target.

~~~
cprecioso
Could be a redirect from a regular URL: Gmail -> Attacker's website ->
data:text/html

The attacker's website would only be visible for half a second, and users are
used to the dance of redirects before a login page, so this makes it not
suspicious.

~~~
kogepathic
> Could be a redirect from a regular URL: Gmail -> Attacker's website ->
> data:text/html

Sure, I agree it's a game of cat and mouse. But GMail's spam filter in my
experience is pretty good, so if Google started flagging these messages as
spam based on the link contents/website it would help reduce the success rate.
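
Added example, not part of the thread or any commenter's code: one way to implement the static check discussed above, flagging URL-bearing attributes in an email's HTML part whose scheme resolves to `data:`. The attribute set, the function names and the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser

URL_ATTRS = {"href", "src", "action", "formaction"}
LEADING_JUNK = "".join(chr(c) for c in range(0x21))  # C0 controls and space

def url_scheme(url):
    # Browsers drop tab/CR/LF inside URLs and ignore leading whitespace,
    # so "  Da\nTa:text/html" still resolves as a data: URI.
    cleaned = re.sub(r"[\t\r\n]", "", url).lstrip(LEADING_JUNK)
    match = re.match(r"([A-Za-z][A-Za-z0-9+.\-]*):", cleaned)
    return match.group(1).lower() if match else ""

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser has already decoded entities such as &#58; in values.
        for name, value in attrs:
            if name in URL_ATTRS and value:
                self.links.append((tag, name, value))

def find_data_links(raw_message):
    """Return (tag, attr) for each URL attribute in an HTML part that is a data: URI."""
    msg = message_from_string(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        collector = LinkCollector()
        collector.feed(part.get_content())
        hits += [(t, a) for t, a, v in collector.links if url_scheme(v) == "data"]
    return hits

# Constructed sample message; the third link stands in for the redirect case
# raised in the thread, which static inspection of the body cannot see.
SAMPLE_EML = """\
From: colleague@example.com
Subject: Updated schedule
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<a href=" DaTa:text/html,placeholder"><img src="https://example.com/t.png"></a>
<form action="data&#58;text/html,placeholder"></form>
<a href="https://example.com/go?id=1">view online</a>
"""
```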

------
teh_klev
Previous discussions from when this was first highlighted:

[https://news.ycombinator.com/item?id=13372985](https://news.ycombinator.com/item?id=13372985)

[https://news.ycombinator.com/item?id=13408078](https://news.ycombinator.com/item?id=13408078)

------
tinus_hn
How is this different from just copying the Google login page to a website you
control, with a URL that includes the right words?

~~~
gits1225
It is not that different, but the art is in the attention to details (the
sender can be posed as your colleague) and subtlety in execution.

------
Grangar
Clickbait title

~~~
gits1225
The title is not bait. It describes the post correctly and does not mislead
you. Just pointing it out; I did not change the title.

~~~
Grangar
Sure it is. 'This' is a terrible way to describe an article. In fact it leaves to
the imagination what the scam is about, it might as well be another run of the
mill phishing email for all I know. The point here is to make me click to find
out what it refers to, therefore, clickbait. To increase this effect they
start off with 'everyone is falling for', which signals urgency but again
doesn't convey anything about the scam's nature. If you abstract away the
clickbait you end up with 'effective gmail scam'.

This is on fortune.com by the way, I'm not calling you out. The submission
title is the same as the article's, but that one is trash.

~~~
gits1225
I'd like to know more. I feel in this case the title should convey the urgency
with enough context. Which it does in my opinion. Just "Effective GMail Scam"
would not make me care enough to click through to the post. It is the fact
that "Everyone is Falling" that alerted me to the importance of the post.

~~~
Grangar
The purpose for a title is to both communicate the content and attract the
viewer. I'd use something a bit more descriptive, along the lines of "new
Gmail phishing technique hijacks sign-on page".

~~~
gits1225
We can agree to disagree on this.

