Phishing scams are one of the major attacks performed to steal user credentials. It is one the simplest method to steal credentials.
Phishing attack directs the user to a fake webpage and asked to enter the username and password once entered these credentials are stored by the attacker and user is directed to a genuine page
A new phishing scam is going viral where a mail is sent to the victim’s email stating that the victim’s email account is considered fraudulent account and if the does not verify his/her account within 24hrs, the account will be deleted .
When the victim follows the verify link he/she is directed to a fake webpage where the victim is asked to enter his/her credentials. Once submitted a success message is displayed stating that the account is verified and redirected to a genuine Google page .
The main aim of stealing user credentials are to perform malicious scams like spreading malwares, to spam the user contacts etc…
So the next time you are asked to enter your credentials in an unknown webpage make sure you check the URL and see if it has a secure connection..