Scam Alert: Rogue Gmail Account Phishing
Anthony M. Freed, Editor and Publisher of Information Security Resources
One of the penalties of having a well published email address is that I receive dozens of phishing emails, scam letters, and other nefarious material en masse daily.
Most of these are the typical inheritance, lottery, and sweepstakes scams - but then there are the ones that at first glance may seem legitimate.
Take for instance the following email I received over the holiday weekend.
The subject line reads the same as dozens of real Google Alerts I am subscribed to, so it did not occur immediately to spam it.
The email address of the sender and link that the message directed me to both had misspelled IP’s made to look similar to a Google address.
Then there is the poor grammar - or “bad grammar” for those who choose to practice it - another red flag.
But these are the kinds of things a sleepy, pre-morning-coffee-brain could easily miss, especially if you are someone who actively relies on Gmail on a daily basis and are still in shock from the recent Gmail crash, you might be apt to click a link before checking it out.
From: Google Alerts <email@example.com>(Disabled Link)
Date: Sat, Sep 5, 2009 at 1:58 PM
Subject: Google Alert - Deletion Gmail Account Request
This letter is to confirm that you ask us to remove Your Account from Googlemail database, We want to give you that last chance. We want to make sure that you want to delete your Gmail from database. If this request not from you, please follow our link bellow. But if you really request this action, please leave
Cancel remove (Disabled Link)
And Please leave this letter if you truly want to delete Your Gmail. Your Gmail will automatically Removed within 7 days.
* * *
The Publisher gives permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author and to Information-Security-Resources.com