Over the weekend Wordfence released information about a very effective phishing attempt going around that is targeting Gmail users. The attack comes in as a message with a link that takes you to what looks like a Google sign in page. Upon further inspection of the address bar, you find that though it has accounts.google.com in it also has a bunch of extra information. The data:text is the big give away.
Once you supply your credentials the attackers immediately sign into your account, attach a virus and then send it out to your whole contact list. Keep an eye on your contact bag and be aware of where you supply your credentials.
Get the full story and updates about the Phishing Attempt at Wordfence
Also published on Medium.