- I'm going to reproduce the email I was sent below
- PLUS the links to the Google pages which can help you understand the scam and report it to Google
This is the email (in blue). I've highlighted the email header in full (and deleted my gmail address!).
|from:||Mail Support Team email@example.com|
|date:||9 October 2014 21:36|
|Signed by:|| gmail.com|
Dear Gmail User,
As part of our security measures, we regularly update all accounts on our database system. We are
unable to update your email account and therefore we will be closing your email accounts to enable the web upgrade.
You have been sent this invitation because our records indicate you are currently a user whose account has not been activated. We are therefore you sending this email so you can inform us whether you still want to use this account. If you are still interested please confirm your account by updating your details immediately because out system requires an account verification for the update.
To prevent an interruption with your Gmail services, please take a few moments to update your account by filling out the verification and update form immediately.
Warning! Any account owner that refuses to update their account after receiving this email will lose their account permanently.
We appreciate your cooperation in this matter.
Gmail Member Services Team
© 2014 Gmail Inc. All Rights Reserved.
Things which alerted me to the phishing scam
The status of my account was incorrectAlways read an email carefully. Your eye gets drawn to the link which they want to click - but do read the email carefully twice if it suggests something is serious amiss and you need to take action.
In my example, the email indicates
You have been sent this invitation because our records indicate you are currently a user whose account has not been activated.which is completely untrue as this is an gmail address which I have been using for many years. That was the point which triggered my attention. Checking whether or not my name was included was the confirmation I needed.
My name was missing
It's a FACT that if Google is writing to you as an individual Google account holder they will ALWAYS address you in the email header line by the name you gave when opening the account. If your name is missing and the email is about your gmail account, then it's NOT Google on the other end.
The grammar and sentence construction had problemsI've never ever received an email from Gmail where the sentence construction and grammar had lapses. If there's a problem with the English chances are there's a problem with the sender.
Check the status of your account
The next thing I did was log in to see if there was any indication that there was anything wrong with the status of my account. There was nothing untoward other than the email (which had been redirected to another address where I picked it up)
Google Help and report pages
These are the three pages which can assist you:
- Avoid and report Google scams - this provides a listing of all current scams known to Google. This is where I started - it highlighted that there was in fact a Gmail Phishing Scam.
- Messages asking for personal information - anything which seeks your validation is very likely to ask for some personal information from you.
- I used this to report the details of the scam and also to highlight who I thought was responsible for it ( an email received earlier in the day which bounced when I replied to it ).
- I took a pdf copy of the report I sent in (via print and then "save as pdf")
Current known scams - including the Gmail Update Phishing Scam
The current known scams and other resources are"
Specific scamsThis is what Google has to say about the Gmail UpDate Phishing Scam