I was doing something on GB a few minutes before the email came.
Otherwise I would have been more cautious of this fake email.
They said something changed on my account and to log in.
I clicked on the link and began typing my user name and password...
Luckily I did not click login but they still could have captured the info.
I used some traffic analysis to determine if they logged by key strokes after but I am not sure.
Realizing I was spoofed - I went to the real GB website and changed my password immediatly.
The original was a bit outdated and the new one is much more secure.
I can't believe I could have been so stupid. The email had an obviously fake email return address and other tells.
Since only one minute had past, I doubt they got in - especially since I never fully entered my login on the fake site.
So, all they have is my IP. Since I have a Mac - no malware was downloaded.
I am up on all the spoofing techniques but the timing was very lucky on their part since I was just doing something on GB.
It's like when you never answer a robocall unless you were expecting a call that moment and picked up.
In hindsight the fake website is full of flaws.
I wonder what the phishers are going to do with all their log in data that could be obtained from careless GB users.
Are they trying to get guns, payments, or what?
This would be a great way to highjack an account with lots of good feedback and run a scam to get paid with Paypal.
Lesson learned...
Always verify the source of such and email and keep in mind any such email is a scam.
Otherwise I would have been more cautious of this fake email.
They said something changed on my account and to log in.
I clicked on the link and began typing my user name and password...
Luckily I did not click login but they still could have captured the info.
I used some traffic analysis to determine if they logged by key strokes after but I am not sure.
Realizing I was spoofed - I went to the real GB website and changed my password immediatly.
The original was a bit outdated and the new one is much more secure.
I can't believe I could have been so stupid. The email had an obviously fake email return address and other tells.
Since only one minute had past, I doubt they got in - especially since I never fully entered my login on the fake site.
So, all they have is my IP. Since I have a Mac - no malware was downloaded.
I am up on all the spoofing techniques but the timing was very lucky on their part since I was just doing something on GB.
It's like when you never answer a robocall unless you were expecting a call that moment and picked up.
In hindsight the fake website is full of flaws.
I wonder what the phishers are going to do with all their log in data that could be obtained from careless GB users.
Are they trying to get guns, payments, or what?
This would be a great way to highjack an account with lots of good feedback and run a scam to get paid with Paypal.
Lesson learned...
Always verify the source of such and email and keep in mind any such email is a scam.