Users of Gmail, Google’s email, are victims of phishing attempts

Gmail users are not safe from phishing. Indeed, the e-mail platform of Google is also the prey of a phishing attempt, unfortunately quite well orchestrated.

To understand this phishing on Gmail users, let’s begin by reminding what phishing is. Who has never received an e-mail indicating a refund due to an overpayment? Or a mail from a bank requiring you to enter your password as part of an audit procedure?

The crooks send thousands of e-mails like these, pretending to be an official entity (Bank, Microsoft, Apple, …). Their goal is that a victim believes this and discloses personal information (Credit card number, password, …). This scam on the internet is what is called phishing.

  • Phishing applied to Gmail

In the case of Gmail, the phishing attempt looks a bit different. The method is about sending a message to the person to be trapped. For more efficiency, scammers used a corrupted account belonging to a legitimate owner known by the potential victim.

Gmail login

This mail invites the recipient to open a document stored on “Google drive”, the cloud storage service of the Internet giant. This service is pretty well known to familiar Gmail users. But after having clicked on the link, the Gmail login page appears of instead of the expected document.

Surprised, the person thinks he / she has been disconnected and then enter again his email address and password. Unfortunately, this is where the fraud takes place. It was not an untimely disconnection but a misleading page displayed by the crooks after having clicked on the request to access Google Drive.

  • Skilled users were trapped

The scammers have now recovered the login / password and then rapidly access the victim’s mailbox. They check e-mails for sensitive data. They also take advantage of this access by stealing the address book of the victim. The scammers can then reproduce the process of such phishing attempt.

This phishing attempt targeting Gmail accounts is subtle and many skilled users get caught. A more discrete visible element of this fraud attempt is the URL used. This is different from the normal address: https://mail.google.com. But scammers know that we don’t always pay attention to the content of the bar at the top of the internet browsers.

Be vigilant Gmail users! And pay attention especially if one of your contacts invite you to view a document on Google drive.

The crudest scams are more effective

A Microsoft researcher has recently published a study on scams attempts by emails : the most outlandish stories are more effective and produce better results!

The bigger, the better it works! One could say that this is the conclusion in one sentence of the study made by Cormac Herley. This study, very mathematical, says that e-mails written in broken English and looking obviously to a scam are yet more effective.

money effective trapIf scammers refine their e-mail traps by taking care of spelling and reporting a less complicated story, they probably would affect more people in the first phase. But the work that awaits them would be increased tenfold, so that ultimately many attempts will revealed to be unsuccessful because the persons receiving these e-mails would have guessed the scam meanwhile.

With stories riddled with spelling mistakes and promising incredible heritage or huge gains in a lottery on the internet, scammers receive little answers, but those answers are more likely to lead to a scam. In this way, they avoid having to deal with many answers and can focus their efforts on the curious people who answered.

Scammers do not have time to waste and efficiency is a desirable goal! Only the most interested internet users respond to these emails. For a crook, an Internet user who answers has already one foot into the scam. Scammers have “only” to conclude the scam with some well-crafted speech, and this is domain where they are the masters.

Again, we have been saying it on our site for a long time, inheritances coming from unknown person or Internet lottery winnings are scams! Never send money to someone you met on the net, whether it is to help or to advance expenses, these are scams!

Fake Michael Kors websites

Many fake websites pretend to sell Michael Kors bags

Michael Kors is an American fashion designer, known for the brand he created using his own name. MK bags are among the best-known products of the brand, but it also makes shoes, watches and jewelry. Michael Kors bags are premium and ultra-fashionable products, so prices are high.

Some scammers took advantage of this, creating websites proposing Michael Kors bags for sale. But in reality, they will cash your order and never deliver any product or in the “best case” will deliver a low-end imitation.

Among these fake sites, we find brechtportoalegre.com and its strange domain name. It ranks in second position on Google with the keywords “Michael Kors bags cheap”. The ranking on Google can vary from one user to another, but it is clear that this fake Michael Kors website has an advantageous position on the main search engine.

fake michael kors websites

brechtportoalegre.com

Another fake website “selling” Michael Kors bags is laurasmidis.com and its “neutral” domain name. Its look like any other website hides in reality a e-commerce scam. In order to convince you, here are two clues, also valid to detect any fake website:

  • Prices incredibly low : Almost 90% discount! This should alert you immediately. No real e-commerce website would offer so much discount, especially on fashion products.
  • The lack of legal information: On the first example, there is simply no such section. In the second example, the link “term of us” redirect to … another website !
fake Michael Kors websites

laurasmidis.com

Promotional sales period should not be an opportunity for internet users to fall into scams. Always take time to check the key elements that betray a fake selling website. Prices too low, even during promotional sales, should alert you !

These fake websites are usually hosted overseas, so that lawsuits are difficult to engage, and most of victims give up, encouraging these scams to prosper.