Fake Gmail login warning after malicious emails

There are new malicious emails being sent to Gmail users prompting them to change their passwords, the email looks legit at first sight and lets the Gmail user know their account has been logged into from an unrecognized device.

If you look at the second screenshot below via Trend Micro Inc it shows what the email says, “Hi, We noticed a login to your Gmail account (Blanked Out Word) from an unrecognized device Aug 04, 2014 1:45 AM CEST from Chicago, IL. Was this you? If so, please disregard the rest of this email.”

Obviously this is not you, so you may carry onto the next part. The email goes on to say, “If this wasn’t you, please follow the links below to keep your Gmail account safe,” the two link options include ‘Change your password‘ and ‘Update your account password reset info‘, there is also a tab that says ‘Check Your Account‘.

The links within the email head of to a HTML file hosted on Google Drive, Jay Yaneza via Trend Micro Inc explains the file is not malicious itself but will detect what browser and operating system the visitor is using. This will then redirected the user to a certain website pretending that one of their plugins needs updating – Below is the Fake plugin download page screenshot.

Fake plugin download page

In a nutshell the malware will steal usernames and passwords, it basically acts like a key logger and will allow remote commands from the hackers. Please do read more about the Gmail login security warning by clicking on the link above.

Have you had this type of Gmail security breach yet via the malicious email?

Fake Gmail login warning after malicious emails