Making technology work for you...

Get Your Free Subscription By Email:

Fake Gmail Login

Fake Websites 101: How to Spot Them?

Data security is paramount for anyone using sophisticated devices like smartphones, laptops, PCs, and tablets to connect to the internet. Phishing is a serious threat for individuals as well as businesses who value their data. According to ENISA (The European Union Agency for Cybersecurity), phishing attacks witnessed a huge spike in 2020 when people across the globe were forced to stay indoors due to the lockdown. Google is doing its bit in labeling malware and phishing sites. However, a little knowledge at your end makes it easier for you to such tackle threats.

New Gmail Security Flaw Allows Phisher's Steal User Login Details

In past, researchers have found various XSS (cross-site scripting) vulnerabilities in Google services allowing hackers to gain un-authorized access to users accounts which are now patched, but in an entirely new type of "Frame Injection Vulnerability" found by Adrian Pastor of the GNUCitizen, the researcher displayed how attackers can create authentic-looking spoof pages meant to steal user login information, the exploit allows attackers to inject third-party content into Google pages bypassing phising filters.

Gmail Hacking

Adrian posted proof-of-concept (do not enter any login info here) of this new exploit allowing him to inject fake Gmail login frame inside Google pages hosted on domain, the result page looks legitimate as the domain displayed in user address bar is increasing the hackers chances of getting the login data.

This is just one of the many helpful tips we have posted, You can find more stories here,
Do subscribe to updates using your favorite RSS feed reader or using the secure FeedBurner email update form on top of this post.