A new phishing campaign is targeting Google users. The campaign sends emails that appear to be from Google and ask the recipient to click on a link to verify their account. If the recipient clicks on the link, they are taken to a fake website that looks like the Google login page. Once the victim enters their login credentials, the attacker steals them.

The phishing emails are typically well-crafted and appear to be legitimate. They may contain the recipient’s name, email address, or other personal information. The emails may also contain a link that looks like it goes to a legitimate Google website. However, the link actually goes to a fake website that has been created by the attackers.

If you receive an email from Google that asks you to click on a link to verify your account, do not click on the link. Instead, go directly to the Google website and sign in there. You can also hover over the link in the email to see the actual destination of the link. If the link does not go to a legitimate Google website, do not click on it.

Here are some tips for protecting yourself from phishing attacks:

• Do not click on links in emails unless you are sure that they are legitimate.
• Be suspicious of emails that ask you to provide personal information, such as your password or credit card number.
• Do not open attachments from unknown senders.
• Keep your software up to date, including your web browser and email client.
• Use a strong password manager to create and store strong passwords for all of your online accounts.

If you think that you have been the victim of a phishing attack, you should change your passwords immediately. You should also contact your bank or credit card company to report the attack.

Source: checkpoint blog