Gmail Phishing?!?
A service that was available before on Google Plus, looks like the real thing, it asks for the username and password to be keyed in. It is hosted on Google but as said by Philip:
"The page looks like it’s official, and it’s indeed hosted on Google.com, but it’s not by Google. You’ll notice by the message you get after logging in:
You (could have) gotten served!
username = username you entered
password = password you entered No data was actually taken, just displayed to you :) This is just a proof of concept of what a malicious user could do with this exploit."
Currently, the page displays a 403 (Forbidden) message.
On other news, Google's mini-Matt, Adam Lasnik gave out some tips on paid links.
Basically, if it is for advertising, then it is Ok, but if it is for PR then you are just wasting your time and money.
"The page looks like it’s official, and it’s indeed hosted on Google.com, but it’s not by Google. You’ll notice by the message you get after logging in:
You (could have) gotten served!
username = username you entered
password = password you entered No data was actually taken, just displayed to you :) This is just a proof of concept of what a malicious user could do with this exploit."
Currently, the page displays a 403 (Forbidden) message.
On other news, Google's mini-Matt, Adam Lasnik gave out some tips on paid links.
Basically, if it is for advertising, then it is Ok, but if it is for PR then you are just wasting your time and money.
posted by Just Me at 10:15 AM
0 Comments:
Post a Comment
<< Home