You might think you ’re technical school - savvy enough to spot a bogus electronic mail from a chiseller pretending to be PayPal or eBay , but what about one come from a intimate impinging ? And what if the message attached interpret just like something sent from a material person ? That ’s precisely what a unexampled email phishing scam is doing to unassuming Gmail users , concord toBoing Boing .
The attack , which wasinitially reported by Wordfence , come in the form of an email from a user who has already been compromise by this scheme . The email will come from a familiar destination in your contacts , complete with an attachment ( an image or link ) to fall into place on . Some of these emails are even designed to look like reply to previous emails to your tangency , making it even harder to fleck the scam right away .
Once you get across on this fond regard , you ’ll be sent mighty back to your Gmail sign - in screen . This could all sound suspicious already , except for the fact that in the URL for the signal - in screen , you ’ll see " accounts.google.com . " It wo n’t be the real Google sign - in CRT screen ( there is other extraneous URL text edition that affirm that ) but if you ’re in a rush , or just unfamiliar with what itshouldread , it ’s loose to take over you just have to re - input your login info . And that ’s where they get you .
After that login entropy is entered , the cyberpunk will now have your selective information , and they are ready to do the whole thing over again to one of your contacts . Wordfence has an business relationship of how this all works :
Twitter drug user Tom Scott posted a screenshot of what to look out for if you ’re ever enigmatically propositioned to log back into your Google account for no apparent understanding after get across on an bond :
In the URL , you’re able to see " data : text / html … .. " at the front , which should n’t be there . And if you scroll ( a lot ) past the textual matter in the computer address bar , eventually you ’ll issue forth across even more foetid code . At that point , get out of dodge and interchange your login info for unspoiled measure .
[ h / tBoing Boing ]
