Fake emails like this one have been sent to tens of thousands of Iranians on the eve of their presidential election.
Google has detected a significant jump in phishing activity in the region during the past three weeks. The messages appear to be sent from Google and provide a link where users can make changes to their account settings. If the user clicks on the link, they are presented with a fake Google sign-in page where the hacker can steal victims' usernames and passwords.
This phishing campaign does not appear to place any malware on the victims' systems or employ any sophisticated tactics. The search giant has also been able to disrupt a number of the email scams.
But it doesn't take much -- attackers could have unlocked a trove of information from their victims, accessing all of their emails, Google documents and Google chats.
"Gmail credentials are the keys to the kingdom," said Roel Schouwenberg, a senior researcher at Kaspersky Labs.
The scam emails have been sent to tens of thousands of Iranian Google users and Schouwenberg said this number is "very substantial" for a targeted campaign like this one.
During election season,Iran has a history of censoring certain websites, such as Google, Facebook ( and Twitter. The country has also completely cut off its citizens' access to the Internet at times. )
But security researchers note that obtaining data through phishing scams can sometimes be more useful than completely shutting off the flow of information.
|Fears grow over China property flameout|
|Oklahoma bans local minimum wage increases|
|How Zuck met Oculus: Facebook's big bet on virtual reality|
|Detroit to auction vacant homes online. Starting bid: $1,000|
|China GDP slows to 7.4% in first quarter|