There’s a new “phishing” style e-mail going around, designed to gain information about you, specifically your login credentials for your Gmail accounts. Experts are saying that it looks so real, even experienced “tech-savvy” users are becoming victims.
In a nutshell, the email is disguised as an email from someone on your contacts list. In the email, there’s an attachment. When you click the attachment, a new tab opens up in your browser. Once the tab opens (even the URL looks authentic at first glance, but once you study it, you’ll notice it’s fake), you’re taken to a Gmail login screen, where you type your user name and password again, then boom, you’ve just let some random person into your account. They can browse your emails, contacts, and send their email to more people.
If you open an attachment and the URL starts with “data:text,” and then a usual looking gmail.com/whatever after it – that’s a fake link. So instead of just “https://accounts.google.com/ServiceLogin?,” it looks like “data:text/html,https://accounts.google.com/ServiceLogin?,” and you’ll want to close it out immediately.
There’s more information on the technique here on iNews, including ways you can prevent youself from becoming a victim.