[ExI] nasty hijacking of my gmail account...extropian.pharmer at gmail.com

BillK pharos at gmail.com
Fri Jun 19 10:27:57 UTC 2009


On 6/19/09, Morris Johnson wrote:
> Nasty new phishing attack that sucked me in:
>

You need to fill in the gmail account recovery form here:
<https://www.google.com/support/accounts/bin/request.py?ara=1&hl=en>

(And, no, this isn't another phishing attempt!)  ;)

This gmail phishing email has been around since at least last year.

The place to ask about such things is the Gmail Help Forum here:
(Or do a search of the forum first).
<http://www.google.com/support/forum/p/gmail?hl=en>

There is an even nastier version of this phishing attempt going around
using Google Calendar.
<http://www.sophos.com/blogs/gc/g/2008/12/29/phishing-google-calendar>

Quote:
Unlike many phishing emails it included his real name alongside his
email address, and looked identical to a genuine Google Calendar
invite.

And that's because it is a genuine Google Calendar invitation to an
event (just like you might receive one to a friend's barbecue or New
Year's Eve cocktail party). And sure enough clicking on the link in
the email takes you to a "real event" in your Google Calendar, which
it appears a number of other people have been invited to as well.

Part of the event invitation reads as follows:

    THIS Email is from Gmail Customer Care and we are sending it to
every Gmail Email User Accounts Owner for safety. we are having
congestions due to the anonymous registration of Gmail accounts so we
are shutting down some Gmail accounts and your account was among those
to be deleted.We are sending you this email so that you can verify and
let us know if you still want to use this account.

The Calendar invite then encourages you to respond with your Google
username, password and date of birth.

Remember, you really are on Google's Calendar website. You haven't
been taken to a fake site posing as Google, but alarm bells should
definitely be ringing in your head at this point.

It should be obvious to everyone that Google is very unlikely to send
out an email of this nature, and that it wouldn't ask you to confirm
whether you wanted your account to continue by accepting an invitation
on your Google Calendar.

Furthermore, is it really likely that Google customer service would
have an email address like customerserviceXXXX at gmail.com (where XXXX
is a four digit number)?

What's happened here is that a scammer has created a Gmail account
with the name "Customer Varifaction" (another spelling mistake which
should have raised suspicion) and added these people as guests to an
event designed to steal their credentials. Google itself has then sent
the event invitation email automatically on their behalf, helpfully
inserting the recipients' real names.

As with any phishing email you receive on Gmail, you should report it
as an attempt to phish information from you, which will help warn the
security team at Google and help others.
----------------------------


Believe nothing! Trust no one! They're all out to get you!   ;)


BillK



More information about the extropy-chat mailing list