New Phishing E-mail Campaign Attacking Gmail Users Identified
As per the security researchers at the security firm Sophos, a new phishing e-mail campaign attacking Gmail users has been identified by them on the Internet.
The phishing e-mails comes with a subject line of "De-Activation Alert!". The text of the e-mail informs users that due to clogging in their Gmail database, they (Gmail) will be closing all unused accounts before 30th of June (2011). The e-mail further informs users that they need to re-confirm their accounts immediately to allow them (Gmail) to upgrade their account prior to the deadline date.
Sophos highlighted that, to substantiate his account credentials the e-mail receiver is asked to fill the account verification form by clicking on a link enclosed within the body of the phishing e-mail.
Sophos further stated that phishing scams like this one are not unusual; however the technique of attack is smart enough that it may successfully work well.
As per Sophos, those users who have been scammed into following the enclosed link (in the phishing e-mail) and directed to a bogus webpage will possibly offer desired information (name, e-mail id, password, date of birth, etc.) to the scammers.
Nonetheless, the smart Gmail users might identify the spelling error in the form ("confrim" instead of "confirm"), Sophos revealed.
Commenting on the whole matter, Graham Cluley, Senior Technology Consultant at Sophos stated that, the scam artists are harboring their phishing page in Google Docs as they expect that prospective victims will think that it's an authentic Google resource, and as the simple security software won't block the complete google.com domain, as reported by Security News Daily on June 6, 2011.
As usual, netizens are suggested not to follow such links enclosed in unwanted e-mails - even if they do appear to come from services they utilize (like Gmail in the above mentioned instance). Besides, users are recommended to use frequently updated versions of Internet security software.
Cluley concluded and stated that, users shouldn't overlook the fact that, that a website like Gmail is well aware whether users have been using it lately - as each time users log in or send an e-mail, a record is maintained somewhere inside the Googleplex, as reported by Naked Security on June 6, 2011.
Related article: New Zealand Releases Code To Reduce Spam
» SPAMfighter News - 15-06-2011