Gmail Phishing Site

We found a new phishing site today targeting Gmail usernames and passwords. The site (gmail-security.com) uses authentic parts of the Gmail website and one of the few things that unsuspecting users might notice is the unofficial Google domain and some minor aesthetic differences. If credentials are entered into the site a POST will be sent via load.php and then a forward to the official Gmail site is made.

Malware Database

The phishing site gmail-security(dot)com is 403 now and McAfee SiteAdvisor knows about it:

http://www.siteadvisor.com/phishing.html?d...il-security.com