Gmail Scam alert! Experts are falling for this phishing trick

Researchers at WordFence that builds security tool for the blog site WordPress has warned users in a about the new phishing attack. The clever trick is so difficult to detect that experts have been falling for it.

Here's how it works:

1. You will receive an email from someone you know.
2. It will easily pass as a genuine email.
3. It comes with an attachment that will also look familiar.
4. Once you click on it, you will be redirected to a Gmail login page.
5. The page is designed to look exactly as your Google Gmail login page.
6. The fake login page will compromise your details.

In fact, the attachment that looks like a PDF or some other file format is just an image that redirects you to the fake login page. The login page is so genuine that you will quickly start keying in your details. It is an exact, except for the URL. The URL has these words 'data:text/html' in the beginning.

It should be noted that your genuine account will come with ‘accounts.google.com’ and you won't find anything other than ‘https://’ and the lock symbol. 

The attackers will quickly log into your account and use actual attachments along with similar subject lines to send it to people in your contact list. That's one of the reason why you will find the email genuine and familiar.

Needless to say, the attacker has full access to your emails and can download whatever he wants. Your Gmail account may also give it control over your other services linked to Gmail. 

Do not fall for this trick! Always safeguard your accounts with two-factor authentication and watch out for that URL.