Fake Gmail Attachment Phishing Scam is out, Be Careful!

Most phishing scams are pretty easy to detect. This one, on the other hand, is devilishly clever and just might dupe you if you’re not careful.

This new one doing the rounds in Gmail inboxes is one that appears to include an attachment, which in reality isn’t an attachment at all. Instead, it’s just an embedded image that looks like one:


If you click it, as we’re generally wont to do when we spot an attached file, you’ll be taken to a Google sign-in page where you’re asked to enter your password. Of course, this is also fake:


What’s worse is everything about the fake Google sign-in page looks normal. The logo, text boxes, and tagline are all there. The only difference is in the address bar, where careful eyes will see that the page is actually a data URI with the prefix “data:text/html”, not a URL with the standard “https://”.

screen shot 2017 01 18 at 11 15 41 am

But if you don’t spot it, the attackers get your information and use it to send out more of the same phish emails to your contacts.

How to Protect your Gmail account?

Google has since updated Chrome to 56.0.2924, which makes it easier to spot fake forms like these, but it doesn’t exactly stop this type of scam dead in its tracks.

Of course its recommended that you always use Google Chrome to check your email, and whether you use Chrome or not, it’s important to stay vigilant and keep your eyes peeled when checking email. Plus, you should add two-step authentication, an added layer of security that can help prevent account takeovers.

Stay tuned for more Google Tips & News!


Don’t forget to Subscribe (On the Sidebar)

Share on facebook
Share on twitter
Share on linkedin

Reach out


This methodology requires the most effort to implement but it results in the most optimised recurring cost and will provide the best scalability for apps. This involves re-adapting the code of applications and the heavy use of SAAS solutions in order to replace existing hosted applications.


This method utilizes the power of  PAAS services, like transferring a database to an as-a-service model,  the use of containers for some apps or the use of network/security functions as a service. Greater scalability and lower cost of operation is achieved.

Re-Host (Lift & Shift)

the migration of workloads from  to the cloud without changing the architecture. Machines get to keep their  OS and apps. This is the quickest and easy way to migrate, but since its  utilising IAAS, its is also the most expensive on the long term.