Internet users have faced a new phishing scam where Gmail users are tricked into sharing their credentials. The scammers are tricking the Gmail users by sending fake links or attachments which even seasoned users have fallen victim to this trap.
The scam was detected by Wordfence which they explained in their blog. Victims are targeted via an email to their Gmail account, which may include an attachment or image, and might even come from a contact you may recognise.
When clicked on, this opens a new tab with a page with the prefix “data:text/html” which closely resembles the real Gmail login page, and asks the user to sign in once more.
However the page is actually a portal for hackers to steal your email address and password information – giving them full information of your account.
How to avoid falling prey to Gmail Scam:
- Adoption of two level authentication can check this fraud. Adding mobile number and code being sent to access the account can prevent the hacking.
- Always trust the https security and the green padlock icon of the left of the URL bar which ensures that the data transmission is secure and encrypted.
- Have a careful look out for the prefix “data:text/html” in the browser location bar which is a sign of fake web page. The actual webpage should look like “accounts.google.com” and only this should be trusted