Not part of Gmail's sophisticated phishing scams

              The head, the Gmail user: a new phishing attack is carrying out attacks and even scam technically savvy users with security knowledge.
              According to Mark Maunder, chief executive of the WordPress plugin Wordfence, who described the campaign in detail, the purpose is to steal user names and passwords for Gmail and other services and "is being used. now with a high success rate. " Like other phishing attacks, this starts with an email. Instead of a random person, the email may appear to have been sent by someone you know and may include an image of an attachment that you recognize from the sender.
              "You click on the image, hopefully Gmail will give you a preview of the attachment, instead the new tab will open and you will be prompted to log in again. accounts.google.com in there" Maunder writes.
              When you sign in, the attackers have full access to your account.

              Google did not respond immediately to PCMag's comment request, but told Maunder they were aware of the problem and were working to improve the PCMag's defense against it.

              "We help protect users against phishing attacks in a variety of ways, including: machine-based detection of phishing scams, secure browsing alerts informing users of links Dangerous In Email And Browser, Prevent Suspicious Account Logins, and More. Also, enable two-step verification to protect additional accounts, "Aaron Stein from Google Communications told Maunder.

               At the point when an aggressor approaches your record, they promptly sign in and discover one of your genuine connections, in addition to one of your real headlines, and send it to everybody in the Your contact list keeps on caricaturing and damage more records. Maunder said the assailants could mechanize the arrangement, or they had "a standing group to deal with accounts when they were bargained."

              "When they approach your record, the aggressor additionally has full access to every one of your messages including send and get right now and can download a ton. , "he cautioned. "They now control your email address, they can likewise trade off numerous different administrations you utilize utilizing the watchword reset system."

               Maunder said a few people said the assault could even disregard two-factor verification, in spite of the fact that he was not able affirm this demand. As Google notes in his announcement, you should at present empower two factor confirmation as it makes your record more hard to break.

               To shield you from this assault, Maunder says you have to focus on the program's area bar when you sign in to Gmail. The area bar must read "https:/accounts.google.com ..". Also, in the event that you see this and just this, you ought to be ready. In this assault, the address in the address bar will incorporate "information: content/html" before "https:/accounts.google.com." Usually, normal, typical.