There’s a new warning out for Gmail users.
A phishing scam is making the rounds that experts say are even fooling some experts.
Software engineering company Wordfence is sounding the alarm.
Here’s what’s reportedly happening, according to the company's blog:
First, you get an email from someone you know, and there’s an attachment. The scary thing? That attachment may look familiar, or seemingly something that person may normally send.
When you click on the attachment, Wordfence reports users are taken to a new tab with what looks like the Gmail log-in page.
Once users log in again, their accounts are compromised.
A couple of ways to help protect yourself:
- Enable two-step verification for your Google account.
- Keep an eye on those URLs. If you notice something strange before that "https" and there’s no lock symbol, be wary.
- Another thing, if you’re already logged in and go to open an attachment, you shouldn’t have to log in again in a separate tab.