Batu69 Posted March 22, 2017 Share Posted March 22, 2017 The fake Google sign-in page looks exactly like this. With a little know-how, most phishing scams are pretty easy to detect. This one, on the other hand, is devilishly clever and just might dupe you if you’re not careful. The way this phish scam works is simple. Wordfence, who brought light to the scam, says the attacker creates an email address to disguise themselves as someone you know. Then they send you an email with an attachment, like a PDF or Word doc, that looks legitimate. When you click the attachment to see a preview of it, you get redirected to a Google sign-in page where you enter your credentials. Here’s the trick: those attachments aren’t attachments—they’re embedded images designed to look like attachments that link out to a fake Google sign-in page. You can see an example of how real they look in Tom Scott’s tweet below. Quote This is the closest I've ever come to falling for a Gmail phishing attack. If it hadn't been for my high-DPI screen making the image fuzzy… pic.twitter.com/MizEWYksBh — Tom Scott (@tomscott) December 23, 2016 What’s worse is everything about the fake Google sign-in page looks normal. The logo, text boxes, and tagline are all there. The only difference is in the address bar, where careful eyes will see that the page is actually a data URI with the prefix “data:text/htyml”, not a URL with the standard “https://”. But if you don’t spot it, the attackers get your information and use it to send out more of the same phish emails to your contacts. Google has since updated Chrome to 56.0.2924, which makes it easier to spot fake forms like these, but it doesn’t exactly stop this type of scam dead in its tracks. And whether you use Chrome or not, it’s important to stay vigilant and keep your eyes peeled when checking email. Article source Other source: Warning: Dangerous new Gmail phishing attack can easily steal your Google login Link to comment Share on other sites More sharing options...
virge Posted March 22, 2017 Share Posted March 22, 2017 Solution: Don't open email attachments from someone you don't know or were nor expecting. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.