Live Global Events: Secure, Simplify, and Transform Your Business.

Zscaler Blog

Get the latest Zscaler blog updates in your inbox

Security Research

Be Aware Of Gmail Phishing Pages

August 22, 2011 - 2 min read
Phishing is certainly not a new attack vector but attackers are constantly using it to fool victims into entering sensitive information like authentication credentials. As I mentioned in a blog post a couple of years back, such attacks will never go away as phishing is a trivially easy attack vector that can be used to steal sensitive personal information. There are number of popular websites being targeted in phishing campaigns to steal sensitive information. Recently, we came across one website claiming to be a Gmail login page. Here is the screenshot of the website:



The above page is largely identical to a legitimate Gmail login page but there are a couple of important differences to be noted. The address of the website is not “” but rather points to “hxxp://”. Additionally, the copyright notice is out of date.


If you enter your username and password, the entered data will be sent to a malicious server and you will then be redirected to the legitimate Gmail website. The attacker has done this intentionally so that a victim will assume that the initial login wasn’t successful and they must then re-enter their login credentials.


Even if you enter fake information, you will be redirected to legitimate Gmail site. For testing purposes, we have entered fake account information. The following packet capture illustrates the POST request:




The victim’s email address and password has been sent to “input.php” and they are then redirected to the real “” website. There are plenty of such websites are present on the Internet and users should be cautious any time they are entering login credentials. Always check URL address before entering any sensitive information on a webpage. Instead of clicking on links, when possible manually enter the website address in the address bar.





form submtited
Thank you for reading

Was this post useful?

Explore more Zscaler blogs

A cyber criminal shopping for malware
Agniane Stealer: Dark Web’s Crypto Threat
Read Post
Business people walking through a city
The Impact of the SEC’s New Cybersecurity Policies
Read Post
Digital cloud illuminated in blue
Security Advisory: Remote Code Execution Vulnerability (CVE-2023-3519)
Read Post
The TOITOIN Trojan: Analyzing a New Multi-Stage Attack Targeting LATAM Region
Read Post
01 / 02
dots pattern

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.