Now that Google Buzz’s buzz is over, here is a quick step-by-step guide of Google Wave Phishing attack
- Create a phished Google Login page. You could check out tackle.
- Search for public waves
- Reply to one of the messages, insert a gadget in your reply
- The gadget sets the top.location to the phished page.
- The victim now visits the wave and opens this unread wave
- The gadget kicks in, redirects the user to a phished page
- Since the victim was still inside and browsing wave, they may not suspect a phished page. They may think that they were simply logged out.
Watch the demo video
Via – Parashuram
