Subtle Gmail attack, look out for “data:text/html”

There’s a write-up at Wordfence about a subtle new type of attack via the Google Mail service. You receive an attachment that looks like its come from one of your contacts, possibly related to a shared interest or project. So your guard will be down.

 

 

At the top of your browser you can see https://accounts.google.com which sounds ok. However there’s a bit of extra info to the left, as you can see, saying “data:text/html”. That’s where the attack comes from and it triggers a sign-in page that looks like Google asking for your password again.

Delete the email, walk away!

© Redleg.Net > IT Support Preston Lancashire
TopBusiness Premium WordPress theme