Google account owners are being targeted by a new round of phishing attack, with cybercriminals targeting uniform resource identifiers (URIs) that helps display data in Google Chrome. The attack is mainly targeted at Chrome users, but has also reportedly succeeded against Mozilla Firefox users as well, according to security researchers.
The initial introduction email mimics something sent from Google, with email subjects of "New Lockout Notice" or "Mail Notice" in the subject line. The email itself is written poorly, with bad grammar and odd capitalizations, though that hasn't stopped users from being tricked due to the email.
"With access to users' Google accounts, hackers can buy apps on Google Play, hijack Google+ accounts and access confidential Google Drive documents," said Catalin Cosoi, Bitdefender chief security strategist, in a statement to Infosecurity. "The scam starts with an email allegedly sent by Google, with 'Mail Notice' or 'New Lockout Notice' as a subject."