09 September 2010

Gmail #phishing campaign is under way

Fake notices inviting Gmail users to update their Google account information have lately been hitting inboxes around the world, warnsSunbelt.

Purportedly coming from the "Google Team", the rather legitimate-looking message tries to make the users download and open the attached Gmail_access.html file, which when opened in a browser presents a very realistic, but fake version of the Gmail login page:

If it looks realistic, it is because it loads certain graphic elements from the legitimate Gmail page, but a peek at the source code of the page reveals that the entered information gets sent to a script hosted on a domain registered in Serbia.

Source: http://www.net-security.org/secworld.php?id=9842