Image via Wikipedia
The Gmail database is not congested, and Google is not asking users to confirm that their accounts are still active.
But, it seems that scammers are hoping that you might believe that’s true, according to one of the latest phishing attacks that has been spammed across the net.
Here’s what a typical email looks like:
Subject: De-Activation Alert!
Message body:
Dear Gmail Account User,Due to the congestion in our Gmail database, We will be shutting down all unused accounts before on the 30th of June. You will have to re-confirm your account as soon as possible to enable us upgrade your account before the deadline date.
To confirm your account kindly fill the account verification form.After Following the instructions in the sheet, your account will not be interrupted and will continue as normal. Thanks for your attention to this request.
[LINK]We apologize for any inconvenience.
Thanks & Regards,
Engineer.J.Williams
Upgrade Team Controller
As the link does point to a webpage hosted somewhere on Google.com, some computer users may believe that the form they are being directed to must be genuine. However, it is actually pointing to a spreadsheet on Google Docs – pages which can be created by any Tom, Dick or Harry.
And, in this case, a “Google account verification form” is attempting to trick you into handing over personal information – such as your name, full date of birth and password.
The eagle-eyed might spot the spelling mistake in the form (“confrim” rather than “confirm”) but you can hardly rely on the phishers making errors like that as a way of protecting yourself.
Why are the scammers using Google Docs to host their phishing pages?
Well, they hope that potential victims will believe it’s a genuine Google resource as it is hosted at an authentic Google URL, and that rudimentary security software won’t feel comfortable blocking the entire google.com domain. (Of course, good security software is smarter than this).
Users shouldn’t forget that a site like Gmail knows if you have been using it recently or not – because every time you log in or send an email a record is kept somewhere inside the Googleplex.
Not that Google is likely to run out of any storage space or plan to shut down any dormant email accounts any time soon by my reckoning..
Source :- http://nakedsecurity.sophos.com
Related articles
- Phishers exploit Google Docs with Gmail de-activation alert (nakedsecurity.sophos.com)
- Google Docs: A Phisher’s Best Friend? (searchenginejournal.com)
- How to stop your Gmail account being hacked (blogoholic.in)
- Googles Docs Found Hosting Phishing Sites & Other Questionable Forms (readwriteweb.com)
- How I Learned to Live Google-free (spectrum.ieee.org)
- Phishing Attempt Targets Google Accounts of U.S. Officials (searchenginejournal.com)
Comments
Powered by Facebook Comments
[...] Phishers exploit Google Docs with Gmail de-activation alert (blogoholic.in) [...]
Are you psychic? You must be as your writing so correctly fits all the questions I have for this topic. I only entered a couple of words in the google search and I am very thankful that your blog jumped up.
[...] Phishers exploit Google Docs with Gmail de-activation alert (blogoholic.in) [...]
Such a rejuvenating delight your blogs are. When you’re looking to get started out with a undertaking this really is the type of information that is needed. Please do not discontinue composing at this level.
[...] Phishers exploit Google Docs with Gmail de-activation alert (blogoholic.in) [...]
The awareness of this specific fundamental level of understanding further than the tactic that most professionals offer. I’d wish to be capable of getting my eyes on the resources you tapped to expose this. You have added to my analysis in your posting.