For months now, Gmail inboxes have been flooded with one form or another, of the “Your Gmail account needs verification to avoid being shut down ” phishing attack.
I mentioned earlier this month, that I didn’t expect to see this Gmail accounts scam reducing in volume any time soon. And sure enough, late today, I received another email, purportedly from the Gmail Team, in which the phisher attempts to convince me that this is the genuine article.
Dear Account User,
Bear with us, we ere undertaking a major upgrade in our Gmail network to ensure the security and privacy of our Gmail users and improve our service.
All Gmail Account needs Verification to avoid it being shut down due to recent problems encountered by Gmail Database system as a result of the ongoing upgrade. Please supply the details below to clarify that your account. so that it will not be deleted.
Username:
Password:
Birth date:
Country:
Note: Account owner that refuses to update his or her account within Seven days of receiving this notice will lose his or her account permanently.
Thank you for using Gmail!
The Gmail Team
It’s the same old, same old, though. Just like most of these type of emails, this one contains the usual misspelling, grammatical, and punctuation errors.
It looks convincing enough though, that some new Gmail users might easily be taken in. I know that you won’t be deceived by this type of clumsy attempt to defraud, but you would be surprised how often reasonably intelligent people are.
As with all emails of this type, the following issues raised immediate questions.
No personalized greeting.
The reply form asks for information that I initially supplied to Gmail when I activated my account.
The reply form asks me to provide my password. Isn’t this supposed to be kept secret even from Gmail?
Advice worth repeating:
If you have any doubts about the legitimacy of any email message, or its attachment, delete it.
Better yet, take a look at the email’s headers. Check the initial “Received from” field in the header, since this field is difficult to forge. Additionally, the mail headers indicate the mail servers involved in transmitting the email – by name and by IP address. In this particular case, the email actually came from vodamail.co.za (South Africa).
It may take a little practice to realize the benefits in adding this precaution to your SOP, but it’s worth the extra effort if you have any concerns.
Google provides excellent advice on their page – Messages asking for personal information, from which the following has been taken.
Here’s what you can do to protect yourself and stop fraudsters:
Check the email address of the sender of the message by hovering your mouse cursor over the sender name and verifying that it matches the sender name.
Check whether the email was authenticated by the sending domain. Click on the ‘show details’ link in the right hand corner of the email, and make sure the domain you see next to the ‘mailed-by’ or ‘signed-by’ lines matches the sender’s email address.
Make sure the URL domain on the given page is correct, and click on any images and links to verify that you are directed to proper pages within the site. Although some links may appear to contain ‘gmail.com,’ you may be redirected to another site after entering such addresses into your browser.
Always look for the closed lock icon in the status bar at the bottom of your browser window whenever you enter any private information, including your password.
Check the message headers. The ‘From:’ field is easily manipulated to show a false sender name. Learn how to view headers.
If you’re still uncertain, contact the organization from which the message appears to be sent. Don’t use the reply address in the message, since it can be forged. Instead, visit the official website of the company in question, and find a different contact address.
If you enter your Google account or personal information as the result of a spoof or phishing message, take action quickly. Send a copy of the message header and the entire text of the message to the Federal Trade Commission at spam@uce.gov. If you entered credit card or bank account numbers, contact your financial institution. If you think you may be the victim of identity theft, contact your local police.
It’s important that you know, that Google is not immune to hacking, as the fairly recent fiasco in China, in which Chinese hackers compromised Chinese activists’ Gmail accounts, illustrates. In fact, Gmail hacking is a much more common occurrence than most users are aware of.
To further illustrate just how common this is, the article I wrote on being hacked – My Gmail Account Hacked From Nigeria, continues to be one of the most read articles I’ve written.
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.
Pingback: ANOTHER Gmail “We're Going To Close Your Account” Phishing Attempt … | Gmail HOT news
Hey Bill,
Another good way to see where these emails come from is to use a site like Whatismyipaddress.com, which has email tracing tools. You just cut and paste the header into the text box and the rest is done for you.
Cheers
Thanks Mal – I’ll check that out.
Best,
Bill