Google Chrome browser and phishing emails ..

Well, Google Chrome proved to be good browser for many reasons. I like the speed, the fact that is fully incorporated with my Google Apps and Android phone and of course the extra layer of security that is incorporated into the browser itself. It proved to be worth today again when I have received suspicious email from “my bank” with info that my account has been locked and I should click the link, log in to my account and resolve the issue.

As you can see the email looks very good, it is from the bank email address, has logo and right colors but there is one simple issue 🙂 – It is Phishing email. So I have right click on the link “sign in to Online Banking” and copied the link. Opened Notepad and paste the link there – woohoo !! Suprise !!

Suddenly the destination is NOT the Royal Bank website but some strange domain 🙂 So I have fired up my sandbox and copy the link and opened in Chrome browser .. it immediatelly was flagged as a phishing site, tried that same in Internet Explorer — no problem, was taken to the “destination site” of the bank.

Note the fancy link – bank real domain name and additional segment …if you click proceed or you opened in Internet Explorer – -was taken to the “bank” website.

As you can see nice authentic branding on the website except the link, no SSL certificate and all links are linked back to the evil link on the top 😉 If you do not pay attention and you click the link and eneter your user name and password for your account – you immediately become a victim of phishing attack and providing your personal info to attacker.