Email Phishing With Digital Background
Home ScamsPhishing Scams Gmail ‘Update Account’ Phishing Scam Outline

Gmail ‘Update Account’ Phishing Scam Outline

by Brett M. Christensen

Outline

Email purporting to be from webmail provider Gmail claims that recipients must click a link to verify their accounts and update information or risk having the accounts permanently deleted.

Brief Analysis

The message is not from Gmail and the claim that users will lose their accounts if they do not verify their information is a lie. The email is a phishing scam designed to steal login information for Gmail and other webmail accounts as well as trick victims into divulging their phone numbers to Internet criminals.

Example

Dear Gmail User,

As part of our security measures, we regularly update all accounts on our database system. We are
unable to update your email account and therefore we will be closing your email accounts to enable the
web upgrade.

You have been sent this invitation because our records indicate you are currently a user whose account
has not been activated. We are therefore you sending this email so you can inform us whether you still
want to use this account. If you are still interested please confirm your account by updating your details
immediately because out system requires an account verification for the update.

To prevent an interruption with your Gmail services, please take a few moments to update your account
by filling out the verification and update form immediately.

Click here to verify your account

Warning! Any account owner that refuses to update their account after receiving this email will lose their account
permanently.

We appreciate your cooperation in this matter.

Sincerely
Gmail Member Services Team
© 2012 Gmail Inc. All Rights Reserved.

Gmail account phishing scam email

 

Detailed Analysis

According to this email, which purports to be from Google’s webmail service, Gmail, account holders are required to update their account details by clicking a link and filling in a verification form. Otherwise, claims the message, the users will find that their Gmail accounts are permanently deleted. The message comes complete with a Gmail logo and copyright notice.

However, the email is certainly not from Gmail. And users will not lose their accounts if they fail to follow the link and update their details. Users who fall for the ruse and click the link will be taken to the following bogus Gmail login page, which has been constructed so that it closely emulates a real Gmail page:

Gmail Phishing Login Page

After providing their login details, victims will be then taken to another bogus page that asks them to provide their phone numbers:

Gamil Phishing Scam Verify Phone

Next, victims will be taken to yet another bogus page and asked to provide login details for any alternative email addresses they may have:

Gmail Phishing Scam Alternate Email Address

After providing all the requested details, users will be automatically redirected to the real Gmail website. Alas, all of the information they have provided will end up in the hands of online criminals who will use it to hijack the real webmail accounts. belonging to their victims. The compromised accounts can then be used to launch more spam and scam campaigns in the name of the victims. The scammers may also use the stolen phone numbers for further nefarious activities.
Email account phishing attacks like this one are very common and take many forms. Be very wary of any unsolicited email that claims that you must follow a link or reply to provide login information and other personal information. Legitimate email service providers will not ask users to provide such information via a generic email message.

If you receive such a message, do not click on any links or open any attachments that it may contain. Do not reply to the message. Always login to your online email service by entering the account address into your browser’s address bar rather than by clicking a link in an email.

 

Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,
Hoax-Slayer