GMail password phishing
This morning I found the following letter in my mail:
In fact, no files are attached to the letter, and all six links (View, Download ...) lead to the same address:
First, I got on a neatly made Google Docs dummy with the message “it’s impossible to display a document” and then a redirect to an equally good Google Account login, where I was asked to enter a password. For my own safety, of course :) Entering iditevzhopu, I got on the third fake page, supposedly docks with a list of some components.
')
In fact, no files are attached to the letter, and all six links (View, Download ...) lead to the same address:
http://95.211.83.65/~ru1/account.googlemail.com/viewer/13083e7f5f2c0890&mt/0AgIDhQrUEZCMdGc0ejVXZGZpb1FrbWo5cmc2ZVZOalE/?email=tutjaubralsvojmeil@gmail.com First, I got on a neatly made Google Docs dummy with the message “it’s impossible to display a document” and then a redirect to an equally good Google Account login, where I was asked to enter a password. For my own safety, of course :) Entering iditevzhopu, I got on the third fake page, supposedly docks with a list of some components.
')
Findings:
- It happens such a phishing, that the first time and you will not understand, especially on a mobile device, where there is no status line with the display of a real link.
- Less experienced users, usually operating on the machine, can easily buy. Even those who already know how not to download moigoliefotki.exe.
- Tell colleagues. A brief reminder of vigilance will not interfere on Monday.
Source: https://habr.com/ru/post/153981/
All Articles