There’s a new Gmail phishing scam that is crafty enough to fool even well-versed internet users.
The new Gmail phishing scam includes an image that looks almost exactly like the Alphabet Inc (NASDAQ:GOOG,GOOGL) company’s own attachment image. However, this is only a trick to gain a user’s login credentials.
When a person that is the target of the Gmail phishing scam clicks on the image in the email, it will take them to a page that looks almost identical to Google’s own login page. Once the person enters their email and password into the fake website, their account can be taken over.
This Gmail phishing scam has been around for a few months now, but has started gaining additional attention following coverage from Lifehacker. Those with acute eyes may be able to notice the hack due to the URL being incorrect for Google’s login screen.
If users don’t notice the URL change when being taken to the fake Google login screen, then they may get caught by this Gmail phishing scam. Users of Chrome that keep it regularly updated will see a warning when visiting a site like this, but other web browsers may not warn the user of the scam.
The Gmail phishing scam was originally discovered by Wordfence back in January. It suggests that users with fears that their accounts may have been hit in the hack should check their login history to see where their accounts have been accessed from. The website also advises changing passwords every few months, just to be safe.