Fake Google “Suspicious Sign-In Prevented” Emails Lead to Phishing Site


Google customers are advised to be on the lookout for fake notifications that inform them of suspicious login attempts. Experts have found that such emails are being sent out by cybercriminals to lure users to phishing sites.

The emails are titled “Suspicious sign-in prevented” and read something like this:

“Someone recently used wrong passwords to try to sign in to your Google Account. We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt.

If you do not recognize this sign-in attempt, someone else might be trying to access your account. You should check activity immediately.”

What makes this phishing attack hard to spot is that Google really does send users such emails when suspicious login attempts are detected.

However, cybercriminals have also been sending out such emails over the past years. In some cases the bogus notifications are used to distribute malware; in others, to lure people to phishing sites.

In this particular case, brought to our attention by a security researcher of Malwared.ru, users are taken to a phishing site hosted on privacy.google-settings.com. The domain might look legitimate at first sight, but it’s not owned by Google.

The expert says that it has been registered by one Aksnes Thomas from Sweden, with the email address aksnes.thomas@yahoo.com.

The phishing site’s source contains an email address, valsowrom@gmail.com, which the researcher believes could be the attacker’s address.

If you come across such emails, analyze them carefully before clicking on any of the links or buttons. Make sure that the links point to a legitimate Google domain, such as gmail.com, mail.google.com or accounts.google.com before entering your credentials.

If you’re a victim of this phishing attack, change your password as soon as possible. If you’ve been using the same password for multiple accounts, change it for those as well.
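
The link check advised above can be automated. The following is an added example, not code from the original article: it extracts the links from an HTML email body and flags any whose exact hostname is not one of the Google hosts the article names. The sample body and its URL paths are constructed; the function and class names are hypothetical.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Hosts the article names as legitimate places to enter Google credentials.
TRUSTED_HOSTS = {"gmail.com", "mail.google.com", "accounts.google.com"}


def is_trusted_login_url(url: str) -> bool:
    """True only for https URLs whose exact hostname is on the allowlist."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # excludes any "user@" prefix and the port
    except ValueError:
        return False
    if parts.scheme != "https" or not host:
        return False
    # Exact match, not a substring test: "google" appearing somewhere in the
    # name (as in privacy.google-settings.com) proves nothing about ownership.
    return host.rstrip(".").lower() in TRUSTED_HOSTS


class LinkCollector(HTMLParser):
    """Collects every href found in <a> tags of an HTML email body."""

    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            href = dict(attrs).get("href")
            if href:
                self.links.append(href)


def untrusted_links(html_body: str) -> list:
    """Returns the links in the body that fail the allowlist check."""
    collector = LinkCollector()
    collector.feed(html_body)
    return [u for u in collector.links if not is_trusted_login_url(u)]


# Constructed sample body; only the phishing hostname comes from the article.
SAMPLE_BODY = """
<p>Someone recently used wrong passwords to try to sign in.</p>
<a href="https://privacy.google-settings.com/review">Review activity</a>
<a href="https://accounts.google.com/">accounts.google.com</a>
"""

if __name__ == "__main__":
    for link in untrusted_links(SAMPLE_BODY):
        print("do not enter credentials:", link)
```

The check reads the `href` rather than the visible link text, because the text shown in the email can say anything.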
