For months now, Gmail inboxes have been flooded with one form or another, of the “Your Account Information Has Changed” phishing attack. Unfortunately, I don’t expect to see this Gmail accounts scams reducing in volume any time soon.
This morning I received another email, purportedly from the Gmail Team, in which the spam scammer attempts to convince me that this is the genuine article.
Unlike most of these type of emails though, this one does not contain the usual misspelling, grammatical, and punctuation errors. In fact, this notice, as the following screen capture shows, is a brilliant forgery. And, it gets better, yet.
Despite the fact the cyber crooks involved here, have taken extraordinary care in developing this scam, the notice still shouts out the need to “stop and think” – before clicking.
No personalized greeting – Google, which knows more about me than anyone, except perhaps my mother, has chosen to use a generic greeting – Hello. How strange is that?
My information is incomplete – How can this be? I’ve been a Gmail user since day one, and I don’t recall that Google has ever been accused of losing data. This just doesn’t make any sense.
Of course, I didn’t response to this password phishing attempt and click on the enclosed link. But, those users who fell for this crafty scam were taken to a forged version of Gmail’s login page and, I’m quite sure – happily provided the requested information.
Google provides excellent advice on their page – Messages asking for personal information, from which the following has been taken.
Here’s what you can do to protect yourself and stop fraudsters:
Check the email address of the sender of the message by hovering your mouse cursor over the sender name and verifying that it matches the sender name.
Check whether the email was authenticated by the sending domain. Click on the ‘show details’ link in the right hand corner of the email, and make sure the domain you see next to the ‘mailed-by’ or ‘signed-by’ lines matches the sender’s email address.
Make sure the URL domain on the given page is correct, and click on any images and links to verify that you are directed to proper pages within the site. Although some links may appear to contain ‘gmail.com,’ you may be redirected to another site after entering such addresses into your browser.
Always look for the closed lock icon in the status bar at the bottom of your browser window whenever you enter any private information, including your password.
Check the message headers. The ‘From:’ field is easily manipulated to show a false sender name. Learn how to view headers.
If you’re still uncertain, contact the organization from which the message appears to be sent. Don’t use the reply address in the message, since it can be forged. Instead, visit the official website of the company in question, and find a different contact address.
If you enter your Google account or personal information as the result of a spoof or phishing message, take action quickly. Send a copy of the message header and the entire text of the message to the Federal Trade Commission at firstname.lastname@example.org. If you entered credit card or bank account numbers, contact your financial institution. If you think you may be the victim of identity theft, contact your local police.
Note: Despite 20+ years of experience using Webmail, one of my Gmail accounts was hacked recently. I have yet to work out exactly how this was accomplished.
It’s important that you know that Google is not immune to hacking, as the fairly recent fiasco in China, in which Chinese hackers compromised Chinese activists’ Gmail accounts, illustrates. In fact, Gmail hacking is a much more common occurrence than most users are aware of.
To further illustrate just how common this is, the article I wrote on being hacked – My Gmail Account Hacked From Nigeria, continues to be one of the most read articles I’ve written.
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.