When you click on the link, then you see the familiar Google Gmail Welcome page. 

Except that this is not the regular Google page.  If you look up at the address field, you will find the URL is on the domain, .

Checking WhoIs for this page you will find that the administrative contact is the following person.

Undoubtedly if I had keyed in my Gmail username and password, that gentleman would have had access to my Gmail account and could do whatever he wished with it.  Needless to say I immediately changed the password, in case he had already been there.

This is a particularly difficult one to spot, so it is important to be extra vigilant.  Google has some good information about Messages asking for personal information.  It also provides more detailed information about Suspicious results and strange behavior: Phishing attacks in other words.

You can forward such phishing Gmail messages to phishing@google.com and can send the Phishing URL to the Google Phishing team using their Phishing Report.  Google also provides a link to Stopbadware.org, where you can learn more about malware that can infect your computer.

Some phishing attacks are not too difficult to spot, often including spelling mistakes and somewhat curious links.  This particular current Gmail phishing incident is highly professional and the only clue is that URL address when you click on the apparent Google link. 

Please spread the word rapidly.  If you are on Twitter, then please ReTweet the message below.

Undoubtedly many people will be taken in.

Related Posts

• June 22, 2009 — A URL Shortener For Maximum RTs (ReTweets) (3)
• April 16, 2009 — Are You On Google? (4)
• March 20, 2009 — Zoomit For Proud Canadians (1)
• March 9, 2009 — Since Google Is In Mountain View, CA, Is It A Guru? (0)
• March 6, 2009 — Google Is Killing Its Golden Goose (11)

Post from: The Other Blokes Blog

Latest Gmail Phishing Very Tough To Spot – Watch Out