Thursday, October 09, 2014

A new gmail phishing scam

I was targeted today by a new gmail update phishing scam - or at least it's new to me.
  • I'm going to reproduce the email I was sent below 
  • PLUS the links to the Google pages which can help you understand the scam and report it to Google

This is the email (in blue). I've highlighted the email header in full (and deleted my gmail address!).


from: Mail Support Team
date: 9 October 2014 21:36
subject: Google Verification
Signed by:

Dear Gmail User,

As part of our security measures, we regularly update all accounts on our database system. We are unable to update your email account and therefore we will be closing your email accounts to enable the web upgrade.

You have been sent this invitation because our records indicate you are currently a user whose account has not been activated. We are therefore you sending this email so you can inform us whether you still want to use this account. If you are still interested please confirm your account by updating your details immediately because out system requires an account verification for the update.

To prevent an interruption with your Gmail services, please take a few moments to update your account by filling out the verification and update form immediately.

Warning! Any account owner that refuses to update their account after receiving this email will lose their account permanently.

We appreciate your cooperation in this matter.

Gmail Member Services Team

© 2014 Gmail Inc. All Rights Reserved.

Things which alerted me to the phishing scam

The status of my account was incorrect

Always read an email carefully. Your eye gets drawn to the link which they want you to click - but do read the email carefully twice if it suggests something is seriously amiss and you need to take action.

In my example, the email indicates:
You have been sent this invitation because our records indicate you are currently a user whose account has not been activated.
which is completely untrue as this is a Gmail address which I have been using for many years. That was the point which triggered my attention. Checking whether or not my name was included was the confirmation I needed.

My name was missing

It's a FACT that if Google is writing to you as an individual Google account holder they will ALWAYS address you in the email header line by the name you gave when opening the account. If your name is missing and the email is about your gmail account, then it's NOT Google on the other end.

The grammar and sentence construction had problems

I've never ever received an email from Gmail where the sentence construction and grammar had lapses. If there's a problem with the English, chances are there's a problem with the sender.

Check the status of your account

The next thing I did was log in to see if there was any indication that there was anything wrong with the status of my account. There was nothing untoward other than the email (which had been redirected to another address where I picked it up).

Google Help and report pages

These are the three pages which can assist you:
  1. Avoid and report Google scams - this provides a listing of all current scams known to Google. This is where I started - it highlighted that there was in fact a Gmail Phishing Scam.
  2. Messages asking for personal information - anything which seeks your validation is very likely to ask for some personal information from you.
  3. I would like to report a Gmail user who has sent messages that violate the Gmail Program Policies and/or Terms of Use.  
    • I used this to report the details of the scam and also to highlight who I thought was responsible for it (an email received earlier in the day which bounced when I replied to it)
    • I took a pdf copy of the report I sent in (via print and then "save as pdf")

Current known scams - including the Gmail Update Phishing Scam

The current known scams and other resources are:

Specific scams
General resources
This is what Google has to say about the Gmail Update Phishing Scam:

Gmail update phishing

Many phishers actively target Gmail users and attempt to steal their credentials. Phishers will often say that you need to update your Gmail account information or your account will be suspended. The link provided in the email will appear to be, but in reality the link will take the user to a site controlled by the phisher. Beware of these types of emails, and always double check that the URL in the address is what you expect before entering personal information or passwords.


  • Learn some steps to help you determine whether a message is phishing.
  • If you have Gmail, consider turning on two-step verification to add an extra layer of security to your Google Account.
  • If you received the phishing email from a Gmail address, you can report abuse to help Google take appropriate action on accounts involved in this scam.
  • Spam: The abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages.
  • Phishing: Phishing is a type of online fraud where someone tries to trick the victim into revealing sensitive details such as a username, password or credit card details, by masquerading as a trustworthy entity in an electronic communication.
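
The warning signs described in this post (missing account-holder name, generic greeting, threat of account loss, and a link whose visible text differs from where it really goes) can be checked mechanically when triaging a reported message. The Python code below is an added example, not part of the original post or of Google's guidance; the sample message, its link, the account name and all function names are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: wording from the email quoted in this post; the link,
# its visible text and the account name used with it are invented.
SAMPLE_HTML = """<p>Dear Gmail User,</p>
<p>To prevent an interruption with your Gmail services, please update your
account: <a href="http://update-form.example/verify">https://mail.google.com/</a></p>
<p>Warning! Any account owner that refuses to update their account after
receiving this email will lose their account permanently.</p>"""

GENERIC_GREETING = re.compile(r"dear\s+(gmail\s+)?(user|customer|member)", re.I)
THREAT = re.compile(r"(lose|clos\w+|suspend\w*)\s+(their|your)\s+(email\s+)?accounts?", re.I)

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs and the message's plain text."""
    def __init__(self):
        super().__init__()
        self.links, self.text, self._href, self._label = [], [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._label = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._label.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._label).strip()))
            self._href = None

def host(value):
    """Hostname of a URL or URL-like label; '' if it is not host-shaped."""
    try:
        h = urlsplit(value if "://" in value else "//" + value).hostname or ""
    except ValueError:
        return ""
    return h if re.fullmatch(r"[a-z0-9.-]+\.[a-z]{2,}", h) else ""

def triage(html, account_name):
    """Return the warning signs from this post that the message shows."""
    p = LinkCollector(); p.feed(html); p.close()
    body = " ".join(" ".join(p.text).split())  # normalise whitespace
    checks = [(account_name.lower() not in body.lower(), "account holder's name missing"),
              (GENERIC_GREETING.search(body), "generic greeting"),
              (THREAT.search(body), "threat of account loss")]
    flags = [msg for hit, msg in checks if hit]
    for href, label in p.links:  # visible text names one host, href another
        if host(label) and host(label) != host(href):
            flags.append(f"link text shows {host(label)} but goes to {host(href)}")
    return flags
```

A link whose visible text is not host-shaped (for example "click here") is not flagged by the mismatch check, so the real target of such links still needs to be read by eye.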