Phishing Trick Targeting Google Relies on Data URIs to Mask the Page's Real URL

  • 30 June 2016
  • 1 reply
  • 193 views

Userlevel 7
Badge +54
See Also - Google, Microsoft Address Problems in Their URL Shorteners
 

This is harder to spot than other similar phishing campaigns

 
                                    http://i1-news.softpedia-static.com/images/fitted/340x180/phishing-trick-targeting-google-relies-on-data-uris-to-mask-the-page-s-real-url.png
 
Jun 30, 2016 10:20 GMT  ·  By Catalin Cimpanu  Google took down a recent phishing campaign that was abusing Goo.gl short URLs and an older data URI trick to mask the page's real URL and fool victims into thinking they were on the actual Google login page.
 
According to My Online Security, who analyzed this recent phishing campaign, crooks were spreading around a Goo.gl short URL, now taken down, which was redirecting users to a page on the nwfacilities[.]top domain.
 
Data URIs used for URL spoofing phishing scams 
The problem was that this page contained source code that would refresh the page and replace its original URL with one that read, "data:text/html,https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue."
 
Full Article

1 reply

Userlevel 7
Too little, too late in my view...they really need to get a grip re. this sor of thing.

Reply