(OT) Google: "Somebody knows your password"

[Xen]

Joel Rees schreef op 04-08-2017 10:51:

> Well, if the OP is the target of an orchestrated attack, the poisoning 
> could actually be on another machine, maybe in the LAN or even in the 
> ISPs network. That's the reason for all the talk about https, but you 
> should still be careful.

That could be true of course.

Generally it seems infecting the ISP (or Google) seems more difficult.

Some ISPs may even use Google's servers (8.8.8.8).

The majority of fishing mails would be random.

I have never experienced a targetted fishing mail on a service I 
actually used.

90% at least is stuff I don't use.

Or stuff I do use but with a different email address ;-).

In case of Google the fishers have it easy of course.

So although that would be possible... idk it just seems less likely and 
a computer compromised is also much less likely than a regular fishing 
attempt.

After all, if your computer is compromised they don't need you to visit 
a web page.

They can just install a keylogger.

But DNS poisoning of an ISP is not going to be easy. So 99.999999% of 
cases you will just a see a phishing mail that will do what Joel 
suggests, hide the fact that you are going elsewhere.