Phishing — is an older style of cyber-attack but remains one of the most common and efficient attack vectors for attackers, as a majority of banking malware and various ransomware attacks begin with a user clicking on a malicious link or opening a dangerous attachment in an email.
Phishing has evolved than ever before in the past few years – which is why it remains one of those threats that we have been combating for many years.
We have seen phishing campaigns that are so convincing and effective that even tech-savvy people can be tricked into giving away their credentials to hackers. And some that are “almost impossible to detect” and used to trick even the most careful users on the Internet.
To help combat this issue, Google has introduced a security defence for it’s over a billion users that will help users weed out phishing emails from their Gmail inbox.
Google has rolled out new anti-phishing security checks for its Gmail app for iPhone users that will display a warning about potential phishing attempts when users click on a suspicious link from within the app on their iPhone or iPad.
This new feature will take nearly two weeks before it is available everywhere.
According to the tech giant, when a user clicks on a link that Google thinks could be suspicious, they will be displayed a pop-up, warning of an untrusted nature of the website they are attempting to visit.
This link leads you to an untrusted site. Are you sure you want to proceed to example.com?
If the user ignores this first warning and continue, the Gmail app will display another warning with more detailed information about the suspected malicious website that the company finds it to be a malicious phishing page.
Warning – phishing (web forgery) suspected
The site you are trying to visit has been identified as a forgery, intended to trick you into disclosing financial, personal or other sensitive information.
You can continue to example.com at your own risk.
A similar feature has already been made available in the Gmail app for Android since May of this year.
Although the feature would surely not detect every phishing attempt that could compromise your credentials, we believe it will help users combat such attacks to much extent.
So, always exercise caution over what links you click mentioned in your emails or attachments you open.
Additionally, Gmail users need to enable two-factor authentication, so even if attackers have access to your credential, they will not be able to proceed further without your phone or the USB cryptographic key in order to access your account.