The ruse aims to steal usernames and passwords for Gmail and other services, and "is being used right now with a high success rate," according to Mark Maunder, CEO of WordPress security plugin Wordfence, who described the campaign in detail. Like other phishing attacks, this one starts with an email. Instead of a random person, the email may appear to have been sent by someone you know, and it may include an image of an attachment you recognize from the sender.
"You click on the image, expecting Gmail to give you a preview of the attachment. Instead, a new tab opens up and you are prompted by Gmail to sign in again. You glance at the location bar and you see accounts.google.com in there," Maunder wrote.
Once you sign in, the attackers have full access to your account. Read the rest of the story by PC Magazine.