Don’t enter your password into this site – it’s a proof of concept of how a phishing attack could be launched using the Google Public Service Search. The page looks like it’s official, and it’s indeed hosted on Google.com, but it’s not by Google. You’ll notice by the message you get after logging in:
You (could have) gotten served!
username = username you entered
password = password you entered No data was actually taken, just displayed to you :) This is just a proof of concept of what a malicious user could do with this exploit.
Eric Farraro has more info.
The discussion started in the forum.
>> More posts
Advertisement
This site unofficially covers Google™ and more with some rights reserved. Join our forum!