Tuesday, October 26, 2010

Gmail theft: Watch out for scam emails or you may lose your account

You may wonder why anyone would want to steal a Gmail account when he/she can get one for free.

Well, that's a valid question and one you need to pay a bit of attention to. If you're an avid communicator, you probably have a Facebook profile, Twitter, you're subscribed to a ton of magazines, and you have a PayPal and bank account tied to your primary email address. So, what would happen to your reputation, reading habits and money if somebody took full control of your primary email address? Right, you'd be in trouble.

All it takes for somebody to steal your identity and your money is to get access to your primary email account, even if it's a free Gmail account. Generally, if you receive an email asking you for the username and password of any account/profile on any website, chances are you're being attacked by identity thieves. So, there you have it, this is why you must pay close attention to your email account.

I received an email just 45 minutes ago with the following text:

----------------------------------------------------------------------

Please verify your email address for your Security.We are shutting down some accounts and your account will be automatically deleted. Due to anonymous registration of email account. Filling the space below for verification purpose by clicking the reply button.

Full name:
Password:
DOB:
Country:

Your account will not be interrupted after following the instructions andvyour service will continue as normal. We apologize for any inconveniences.
Thanks for using Google.
---------------------------------------------------------------------

The first trigger of suspicion was that I use my email a lot, a bit too much even, and it can hardly be up for any shutdown. The second trigger was the formatting of the email itself. Notice that there is no "The Google Team" signature at the bottom, which usually accompanies official emails. Then, the email font is inconsistent. First it's Verdana, then it's Times New Roman, and lastly it's a plain Courier font. Whoever wrote this email was in a hurry, and pasted at least two paragraphs into the message without taking the time to even make it look professional... not to mention the typo in the last paragraph.

But all this is just plain observation, and is not enough to throw this email out the window. Anyone can make mistakes and that shouldn't mean it's not genuine.

So let's take this to the next level. The sending email account is not from Gmail.com or from Google.com, and that in itself is a red flag. If a support email is sent out to all Gmail accounts it is only logical that the sender will use a Gmail account such as support@gmail.com or the like. The sending address of this email is pwveriyxxgmail@mail.com.

The final step in figuring out if this is a genuine email is to view the Original message, aka the source code of the email. And here's the source (bolded text for emphasis):

Delivered-To: XXXXXX@gmail.com
Received: by 10.231.199.74 with SMTP id er10cs64388ibb;
Tue, 26 Oct 2010 00:02:29 -0700 (PDT)
Received: by 10.151.13.17 with SMTP id q17mr14609878ybi.355.1288076548771;
Tue, 26 Oct 2010 00:02:28 -0700 (PDT)
Return-Path:
Received: from p3plwbeout14-04.prod.phx3.secureserver.net (p3plsmtp14-042.prod.phx3.secureserver.net [173.201.192.188])
by mx.google.com with SMTP id m12si8827550ybn.29.2010.10.26.00.02.28;
Tue, 26 Oct 2010 00:02:28 -0700 (PDT)
Received-SPF: neutral (google.com: 173.201.192.188 is neither permitted nor denied by best guess record for domain of liks@editissmae.com) client-ip=173.201.192.188;
Authentication-Results: mx.google.com; spf=neutral (google.com: 173.201.192.188 is neither permitted nor denied by best guess record for domain of liks@editissmae.com) smtp.mail=liks@editissmae.com
Received: (qmail 31021 invoked from network); 26 Oct 2010 07:02:28 -0000
Received: from unknown (HELO localhost) (10.6.247.12)
by p3plwbeout14-04.prod.phx3.secureserver.net with SMTP; 26 Oct 2010 07:02:28 -0000
Received: (qmail 9559 invoked by uid 99); 26 Oct 2010 07:02:27 -0000
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset="utf-8"
X-Originating-IP: 65.254.61.250
User-Agent: Web-Based Email 5.2.35
Message-Id: <20101026000227.2a0f4ceb3719803a5b33484b458614a4.be881f5018.wbe@email14.secureserver.net>


From: "Gmail"
X-Sender: liks@editissmae.com
To: veriysups@gmail.com
Subject: Your Gmail address
Date: Tue, 26 Oct 2010 00:02:27 -0700
Mime-Version: 1.0



Please verify your email address for your Security.We are shutting down some accounts and your account will be automatically deleted.Due to anonymous registration of email account. Filling the space below for verification purpose by clicking the reply button.

Full name:
Password:
DOB:
Country:

Your account will not be interrupted after following the instructions andvyour service will continue as normal. We apologize for any inconveniences.
Thanks for using Google.


Note that the email is sent from one account and the reply goes to another. The originating email is from a free mail server and the reply will end up in an inbox on a website hosted with GoDaddy.com. Hardly the way Google does business.

So, be careful with your online identity. There are people out there ready to take advantage of your slightest mistake and take over your primary email account.
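
The manual header check walked through above can be scripted. The following is an added example, not part of the original post: it parses a trimmed, constructed copy of the headers shown above and reports each mismatch. The `From` address is taken from the post's text because the header dump lost it, and the `BRAND_DOMAINS` set and flag names are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: trimmed copy of the headers quoted in this post. The From
# address comes from the post's text (the header dump did not preserve it).
RAW = """\
Delivered-To: XXXXXX@gmail.com
Authentication-Results: mx.google.com; spf=neutral (google.com: 173.201.192.188 is neither permitted nor denied by best guess record for domain of liks@editissmae.com) smtp.mail=liks@editissmae.com
From: "Gmail" <pwveriyxxgmail@mail.com>
X-Sender: liks@editissmae.com
To: veriysups@gmail.com
Subject: Your Gmail address

Please verify your email address. Full name: Password: DOB: Country:
"""

BRAND_DOMAINS = {"google.com", "gmail.com"}  # assumption: domains Google mails from

def domain(addr):
    """Lower-cased domain part of an address or a 'Name <addr>' header value."""
    return parseaddr(addr)[1].rpartition("@")[2].lower()

def phishing_flags(raw):
    """Return the list of red flags found in a raw RFC 822 message."""
    msg = message_from_string(raw)
    flags = []
    name, addr = parseaddr(msg.get("From", ""))
    from_dom = domain(addr)
    # Display name claims the brand, but the address is on another domain.
    if re.search(r"g(oogle|mail)", name, re.I) and from_dom not in BRAND_DOMAINS:
        flags.append("display-name-brand-mismatch")
    auth = msg.get("Authentication-Results", "")
    spf = re.search(r"spf=(\w+)", auth)
    if not spf or spf.group(1).lower() != "pass":
        flags.append("spf-not-pass")
    # The envelope sender and X-Sender should agree with the visible From domain.
    env = re.search(r"smtp\.mail=(\S+)", auth)
    if env and domain(env.group(1)) != from_dom:
        flags.append("envelope-from-mismatch")
    x_sender = msg.get("X-Sender")
    if x_sender and domain(x_sender) != from_dom:
        flags.append("x-sender-mismatch")
    # No legitimate provider asks for a password by reply email.
    if re.search(r"\bpassword\b", msg.get_payload(), re.I):
        flags.append("asks-for-password")
    return flags
```

Calling `phishing_flags(RAW)` on the sample returns all five flags; a message whose SPF result is `pass` and whose sender domains agree returns an empty list.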

