Wednesday, May 30, 2012

Gmail Phishing Attack: do-not-reply mail from Activacorp


Hello friends! Beware of the new Phishing mail that you might receive on your Gmail inbox. The mail is very much different from normal spam and phishing mails. Gmail does not identify it as a Phishing mail and delivers it to your inbox normally with the label "important".

The mail has the following content (which might differ in your case).

******************************************************************************************************
do-not-reply  activacorp.net@activacorp.net
2:52 PM (6 hours ago)

to me
 
You are receiving this message because you or someone tried to access your account from an unknown computer or mobile device. Numerous invalid passwords were logged and we are poised to open an investigation to this matter.

Click below to get started with your account validation.
******************************************************************************************************



And below that is a button called "Get Started" which takes you to a fake Gmail login page. If you take the bait and enter your username and password, then you are pretty much hacked!!



So, few of takeaways from this:
  1. Always check the sender of an important e-mail.
  2. Check to whom it is sent. If you are in bcc or one among many random receivers, it is most probably fake.
  3. No need to get curious and click on the link. Simply ignoring it is better approach.
 If you like you can submit the Phishing attack to Google on following link:



Thanks for reading! Safe surfing! :)