Subtle Gmail attack, look out for “data:text/html”
There’s a write-up at Wordfence about a subtle new type of attack via the Google Mail service. You receive an attachment that looks like its come from one of your contacts, possibly related to a shared interest or project. So your guard will be down.
At the top of your browser you can see https://accounts.google.com which sounds ok. However there’s a bit of extra info to the left, as you can see, saying “data:text/html”. That’s where the attack comes from and it triggers a sign-in page that looks like Google asking for your password again.
Delete the email, walk away!