Data URI scheme used by cybercriminals to disguise malicious URL
Security experts warn Google Drive users that cybercriminals are trying to trick them into handing over their usernames and passwords.According to ThreatTrack Security’s Chris Boyd, the emails are titled “Document” and read something like this:
“I tried to get these document across to you before. Hope you get it now? View it, i uploaded using Google doc and sign on with your email to access. View the document its important. [Link]”
The link appears to point to Google Drive, but it actually leads users to a website that’s set up to host a phishing page. In order to trick victims into thinking that they’re on a genuine website, the cybercriminals behind this scheme are using the Data URI scheme to disguise the malicious site’s URL.
If you come across such emails, act with caution. If you’re a victim, change your passwords immediately.