

Google Wave Phishing Hack - axemclion
http://blog.nparashuram.com/2010/02/phishing-with-google-wave.html

======
Sidnicious
I don't really see how hosting the attack at Google is impressive —
gmodules.com is no more believable as a proper login page than
login.google.com.2de4dasdz.cx, or any of the usual phishing URL schemes.

Maybe there's some merit to not loading external, untrusted gadgets into waves
without user approval, but where there's user-supplied data, there'll always
be phishing.

~~~
axemclion
Well, it is not believable. The point here is that many people dont really
notice the URL, specially when they are redirected to that page from inside
Wave.

