I use gmail and regularly get emails purportedly from Google, warning me that my account’s been hacked and must click on a link to verify my account. Blah. Blah. Blah.
I *never* click on the link, because such emails are scams. Scroll down to end of this post for signs of a fake email from your server.
Here’s a warning from computer maven Kim Komando about the latest and very dangerous gmail scam:
There’s a dangerous new threat that’s trying to steal your Google password. If you fall for it, hackers will have full access to your Gmail account, YouTube account, Google+ account, Google Search History and any other Google services you use.
From there, they can break try to break into other similar accounts, like Facebook, or pretend to be you to trick your friends and family into giving away important information. So, you definitely don’t want to fall for this one.
The threat arrives in the form of an email, supposedly from Google. The subject line varies, but it’s some form of “Mail Notice” or “Lookout Notice.”
The body of the email says this:
GOOGLE MAIL NOTICE
This is a reminder that your email account will be locked out in 24hours
Due to not being able to increase your Email storage Quota
Go to the INSTANT INCREASE to increase your Email storage automatically. INSTANT INCREASE
Sincerely Gmail Team,
Copyright ©2014 Gmail. All rights reserved.
In the real email, the words “Instant increase” are linked. If you click the link, you’ll end up on a page that looks like the Google login page.
However, if you put in your username and password, they’ll be sent right to the hackers behind the email. Then they have full access to your Google account.
One thing that makes this message especially dangerous is the link itself. It’s designed to bypass Chrome and Firefox’s normal checks for phishing links, so you won’t get a warning.
How you know the email is fake
- The Spelling and/or grammar isn’t up to the standards of Google, one of the most profitable companies in history.
- There’s no Google logo and the From address says “Gmail,” but isn’t a Google domain name (i.e. there’s no “google.com” in it).
- Google will never ask you to click a link in an email. It will tell you to go to Google.com to sign in and where to go to fix your account settings. This is true of any major company.
H/t FOTM’s CSM
~Eowyn