If you’re using Gmail, you’ll want to read this. A new phishing scam is running rampant, infecting users at an alarming rate.
The phishing email comes from a trusted contact with a subject line and attachment they have likely used in the past so it appears to be legitimate, according to Dark Reading. However, the email contains a fake link or attachment which prompts you to enter your Gmail credentials. The sign-in page appears to be fully authentic, and the address bar even includes accounts.google.com, further tricking users to think the email is safe. The giveaway is the “data:text/html” in the URL.
If infected, your Gmail, as well as any connected services are compromised, and the scam is passed along to your email contacts.