There is a new highly effective phishing attach hackers are using to compromise your email. This one is much harder to recognize than any other attach. If you have already been infiltrated, you probably don’t even know.

The way this new phishing technique works is using your Gmail account. attacker will send an email to your Gmail account. That email may come from someone you know who has had their account hacked. It may also contain an image of an attachment you know from the sender.

You click on the image, expecting Gmail to give you a preview of the attachment. Instead, a new tab opens and you are prompted by Gmail to sign in again.

You look at the location bar or (URL) and you see this

This is what it should look like

Do you see the difference? The first URL is

data:text/html,https

this is the hacker trying to access your account.

If you do continue to login, you will get what looks like the normal google login page. (even though you just logged in.)

Pay attention, and ask yourself “why am I signing in again?”

Once you login again, that’s when you are giving the hackers your user name and password,  ALL access to your account and everything in it!