Hackers have reportedly devised a new phishing method which seems to be tricking even the most experienced and tech savvy users into revealing their account details.
The highly effective phishing campaign seems to be running on a sophisticated automation feature that pounces on newly compromised Gmail accounts to mount a secondary attack on users in the contact list.
Once hackers have taken over a Gmail account, they launch their secondary attack by sending out emails disguised under recently sent attachments and a relevant subject line. The email contains a thumbnail version of the attachment which, when clicked, opens up a convincing Gmail login box a trap that tricks users in revealing their Gmail account password.