Home Computer Tips Gmail Phishing Scam

Gmail Phishing Scam

Posted on

Recently, Gmail has been the target of phishing scams. A user will receive an email from a fake address, but the name will be familiar. You might think it is your mom because it has her picture, but the address isn’t quite the same. That’s your first hint. Double check the email address for accuracy.

When you open the email, it will seem relatively harmless, there might not be any grammatical errors at all. There will be a link or an attachment. When you click on that link or attachment, you will be asked to login to your Gmail account again. DON’T ENTER YOUR PASSWORD! You will never have to re-login to Google. The login screen may look trustworthy. It will look almost identical to the regular page. Check the URL though. That’s not Google.

If you put your login information in, it will say error and return you to your email. That error was actually a virus infecting your computer and phishers stealing your password and information.

If you fall victim to this scam, CHANGE YOUR PASSWORD IMMEDIATELY. Also, change the password for any account that has the same or similar password. They have access to any account using that email and password. This is why ITS recommends that you use a unique password for every account.

You can report Gmail phishing scams to Google by clicking the drop-down box next to reply, and selecting “Report Phishing.” Here’s an example and how to report it.  (Hint: click the photo to enlarge it for easier viewing)

  1. First, this scammer did not even bother to double check who they were emailing. The email is not addressed correctly, and “Sheri” did not in fact receive this email.
  2. Second, the email address is unfamiliar. “Mail.com” is not a valid email server.
  3. Third, as usual the grammar, syntax, and logic gives it away.  What is this email about? What does her family oriented self have to do with city rentals?  Also, what does cityrentals have to do with badboyz?
  4. Speaking of the URL, it is http:// which is not trustworthy. Look for http:// instead.

Ultimately, this is not a trustworthy email. It was reported to Google as phishing. You can also report an email without opening it by checking the box and clicking the “!” symbol at the top. (Hint: click the photo to enlarge it for easier viewing)

Be cautious on the web and always be on the lookout for phishing scams.

As always, if you think you have received a phishing email to your E-town account, forward it to mailcop@etown.edu. If you think you have been the victim of a phishing attempt, call the ITS Helpdesk immediately at x3333 and change your password.