A hard-to-spot phishing attack is targeting Gmail users, according to a security firm.
A potential victim receives an email from a known contact with what looks like an attachment, but which instead opens a tab with a fake Gmail login page that captures the username and password, according to a blog post by Wordfence CEO Mark Maunder.
Not only is the login page convincing; its URL also contains “accounts.google.com,” as the legit Gmail login page’s does. Once a victim “logs in,” the attack uses the compromised account to send more emails to the contacts in the account’s address book. Whoever is behind the attack can also access the account’s emails and other connected services.
Maunder suggests changing passwords, checking Gmail’s activity logs for unauthorized use and enabling two-factor authentication.
A Google statement to the blog confirmed the company is aware of the issue.
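The detail that the fake page's URL contains “accounts.google.com” can be turned into a check, shown here as an added example that is not from the article or from Wordfence: parse the URL and compare its whole origin instead of looking for the familiar string. The function names and sample URLs are constructed for illustration.

```javascript
// Added example: decide whether a URL really belongs to the Google sign-in
// origin by parsing it, instead of searching for a familiar substring.
const TRUSTED_ORIGIN = "https://accounts.google.com"; // host named in the article

// Naive check: what a hurried reader (or a weak filter) effectively does.
function looksLikeGoogleLogin(raw) {
  return raw.includes("accounts.google.com");
}

// Strict check: parse, then compare scheme + host + port as one origin.
function classifyLoginUrl(raw) {
  let url;
  try {
    url = new URL(raw.trim());
  } catch {
    return { trusted: false, reason: "unparseable" };
  }
  if (url.protocol !== "https:") {
    return { trusted: false, reason: `scheme is ${url.protocol}` };
  }
  if (url.username || url.password) {
    return { trusted: false, reason: "userinfo before host" };
  }
  if (url.origin !== TRUSTED_ORIGIN) {
    return { trusted: false, reason: `host is ${url.hostname}` };
  }
  return { trusted: true, reason: "exact origin match" };
}

// Constructed samples (not taken from the article or from the attack itself).
const SAMPLES = [
  "https://accounts.google.com/ServiceLogin?service=mail",
  "http://accounts.google.com/ServiceLogin",
  "https://accounts.google.com.login.example.net/ServiceLogin",
  "https://accounts.google.com@example.net/ServiceLogin",
  "data:text/html,https://accounts.google.com/ServiceLogin",
  "https://example.net/?next=accounts.google.com",
];

// One row per sample: the naive verdict next to the strict one.
function report(samples = SAMPLES) {
  return samples.map((raw) => ({
    raw, naive: looksLikeGoogleLogin(raw), ...classifyLoginUrl(raw),
  }));
}

console.table(report());
```

Every sample passes the substring test, but only the first one is on the trusted origin.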