New Scam E-mail Targets Google Users
As per the security experts at security firm Sophos, a new scam campaign is spreading like wildfire across the Internet targeting Google users.
The subject of the scam e-mail was account verification. It informed the user for updating their e-mail address. It also enlightened the recipient for modifying and recovers their e-mail address in the files. The recipient is required to respond and inform them back on the fake address. In case of failure of the same, the account would automatically be suspended and a link, http://accounts.google.com is also sent, which is required to be updated, if not done earlier.
Clicking on the link sent through the spammed email does not take the internaut to his Google account settings. It rather leads them to a compromised website, which is hosting a phishing page manufactured to steal password, highlighted Sophos on its naked security blog post.
On receiving all the account information by the internauts, they are collected in a database managed by the crooks running the scam. The information, pertaining to username and password can not only be utilized readily to deceive the victim's contacts and friends into hitting the well-crafted links, and demand them with cash for help.
However, Google has executed many tactful features that safeguard all the accounts.
Experts recommended that not only dual step verification system and tough passwords always works wonder to ensure that any account is never trapped, but common sense also work wonders. For example, never trust a so-called login page by Google that are hosted on other domain than the one which are famous, such as gmail.com. It is also recommended not to click on doubtful e-mails that are disappointingly written, even signed by G-mail. Apparently, netizens are advised to use legitimate Google page only by typing the accurate URL or through the bookmarks available with them.
On a nutshell, this is not the first time that G-mail users are hit by scam campaign. In September 2010, phishing e-mails imitating Google team were on the roll, which informed a recipient of his Google information being incomplete. Users were asked to update their Google account for security reasons by downloading and opening an attachment.
Related article: New Zealand Releases Code To Reduce Spam
» SPAMfighter News - 19-04-2012