Be Careful With Phishing Mails – Watch Out for the Headers
Written By Samrat | 21 February 2009
Recently I got a mail saying “Gmail Account Suspended Notice”. I was really shocked to see the mail, as I have got very important data in my account and, moreover, I wouldn’t be able to change my email at all the other services. My life would really become very miserable if my Gmail account were suspended. I scrolled down a bit to see:
You need to verify your email address (firstname.lastname@example.org) to remove the temporary suspended-related issues. To initiate the process for verifying your account, visit the link below.
I was happy to see that this was a temporary suspension of the Gmail account and was about to click the link when I noticed that there was something unusual about the URL. If you observe it carefully, you can see that the URL ends in accs.in (the one in red). Though the URL starts with account.google.com (the one in green), the actual domain is a different one. Just then I understood that this was a phishing mail. But the saddest part is that even Google was not able to catch it.
So the next time you get a mail like this, do not jump to click the link; instead, read the mail completely and check the sender so that you will be on the safe side. These types of mails are often called ‘spoofing mails’ or ‘password phishing mails’ or just ‘phishing mails’. These kinds of mails ask you for your passwords, Social Security number, bank account number, PIN number, credit card number, mother’s maiden name, birthday, etc.
In Gmail you can view the headers to learn more about the email sender. Just click the down arrow next to Reply, at the top right of the message pane, and select “Show original” to reveal the headers. When I closely observed the email, I found that the mail was sent from “email@example.com” <firstname.lastname@example.org>, which clearly shows that the message was not from Google.
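The two checks described above (the link's real domain and the sender in the headers) can be automated. The following is an added example, not part of the original post: the trusted domain, the function names and the sample message with its reserved `.example` hosts are constructed, shaped like the mail described here.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED = "google.com"  # assumption: the domain the mail claims to come from

def under_domain(host, domain):
    """True only if host is the domain itself or a real subdomain of it."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def check_message(raw, trusted=TRUSTED):
    """Return (kind, value) findings for one raw single-part text message."""
    msg = message_from_string(raw)
    findings = []
    _, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2]
    if not under_domain(sender_domain, trusted):
        findings.append(("sender", sender_domain))
    # Assumption: the body is plain text, so get_payload() returns a str.
    for url in re.findall(r"https?://[^\s<>\"']+", msg.get_payload()):
        host = urlsplit(url).hostname or ""
        if under_domain(host, trusted):
            continue
        # Hostnames are read right to left: a trusted name on the left is only
        # a label chosen by whoever controls the domain on the right.
        kind = "lookalike-link" if trusted in host.lower() else "external-link"
        findings.append((kind, host))
    return findings

# Constructed sample message (not the real mail from the post).
SAMPLE = """\
From: "Gmail Team" <notice@mailer.example>
To: user@example.org
Subject: Gmail Account Suspended Notice

To initiate the process for verifying your account, visit the link below.
http://account.google.com.accs.example/verify?id=1
https://accounts.google.com/
"""

if __name__ == "__main__":
    for kind, value in check_message(SAMPLE):
        print(kind, value)
```

The From header is easy to forge, so a sender that matches the trusted domain proves nothing on its own; a mismatch, as in this mail, is the useful signal.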
Though most of the time Gmail’s phishing alert will warn you about a phishing mail, be careful about clicking links in such mails. When you encounter such situations, do take some time to report the phishing mails to Google.