Sophos Cloud Optix
The Gmail database is not congested, and Google is not asking users to confirm that their accounts are still active.
But, it seems that scammers are hoping that you might believe that’s true, according to one of the latest phishing attacks that has been spammed across the net.
Here’s what a typical email looks like:
Subject: De-Activation Alert!
Message body:
Dear Gmail Account User,Due to the congestion in our Gmail database, We will be shutting down all unused accounts before on the 30th of June. You will have to re-confirm your account as soon as possible to enable us upgrade your account before the deadline date.
To confirm your account kindly fill the account verification form.After Following the instructions in the sheet, your account will not be interrupted and will continue as normal. Thanks for your attention to this request.
[LINK]We apologize for any inconvenience.
Thanks & Regards,
Engineer.J.Williams
Upgrade Team Controller
As the link does point to a webpage hosted somewhere on Google.com, some computer users may believe that the form they are being directed to must be genuine. However, it is actually pointing to a spreadsheet on Google Docs – pages which can be created by any Tom, Dick or Harry.
And, in this case, a “Google account verification form” is attempting to trick you into handing over personal information – such as your name, full date of birth and password.
The eagle-eyed might spot the spelling mistake in the form (“confrim” rather than “confirm”) but you can hardly rely on the phishers making errors like that as a way of protecting yourself.
Why are the scammers using Google Docs to host their phishing pages?
Well, they hope that potential victims will believe it’s a genuine Google resource as it is hosted at an authentic Google URL, and that rudimentary security software won’t feel comfortable blocking the entire google.com domain. (Of course, good security software is smarter than this).
Users shouldn’t forget that a site like Gmail knows if you have been using it recently or not – because every time you log in or send an email a record is kept somewhere inside the Googleplex.
Not that Google is likely to run out of any storage space or plan to shut down any dormant email accounts any time soon by my reckoning..
Hat-tip: Thanks to Naked Security reader Guido for sending us a tip about this scam.
I got a similar type message on my yahoo account – that it was going to be deactivated. Thanks for letting us know about this scam.
Spammers/phishers should hire an English consultant, it would probably increase the effectiveness.
So who really made this? Tom Dick or Harry? lol =D
It seems to be aimed at Americans or made by an American also. My country does not use a ZIP code nor do I think a lot of countries do. Or at least I don't think most countries call it a zip code.
Yeah users "should" know better that Gmail tracks your log in information but believe me they don't. Also users should ALWAYS ALWAYS ALWAYS know NEVER to give password to support even if they ask. A good support team knows not to ask because they can reset passwords. Not to mention almost all passwords are encrypted so what would they need your password for anyways?
Another good trick if you’re in doubt is to enter the wrong password. If the website accepts it as good, you know it’s a phishing scam.