Phishing Scam Impersonating Google+ Hitting Naïve Internauts

According to security researchers, Internauts should be watchful of scam e-mails that pose as messages from spurious "Google+ All Domain Mail Team," reports Help Net Security dated May 7, 2014.

Addressing recipients by their e-mail id, the phishing electronic mail begins by regretting what it has to say i.e. the team is conducting a survey to verify spam and fake campaigns. It's therefore essential for the user to take part in the survey so Google can deliver him better services. To participate, he must follow a given web-link. The survey has been designed for tracking fake phishing along with user domain while aiding in enhancing his mailing system.

The e-mail then mandates sending the verification response within 24-hrs of receiving the message failing which the user's e-mail account will be shut down based on the assumption that his account is fraudulent.

The e-mail finally concludes by extending an official "Thanks."

But, use of incorrect grammar along with weak spelling (like 'phishing' spelled as 'phising' and 'fraudulent' as 'fraulent') within the e-mail clearly suggests it's fraudulent. Besides, it's pretty understood that no employee from Google+ would have any authority to monitor measures for e-mail security. He wouldn't also be authorized for closing e-mail accounts. Indeed it's probable that the phishers intended for referring to Gmail rather than Google+.

Unfortunately, for some inexperienced and less savvy PC operators who may therefore click the web-link, the act lead them onto a site, which just asks end-users for logging in with personal e-mail id and password for their Google account, supposedly for filling in the verification form.

Once done, the login credentials would land up with the cyber-criminals who would utilize them for compromising their victims' Google accounts. With the same login details, several other Google services for the users could be accessed. Therefore, theft of victims' private info along with utilization of their Google+ and/or Gmail A/Cs for executing more scam and spam runs will be the obvious activities of the scammers, security analysts after examining the phishing electronic mails remark.

Therefore, anybody encountering such phishing messages must just erase them, specialists suggest.

» SPAMfighter News - 5/16/2014