Inboxes are currently being hit by emails that claim that “someone has your password”.
The emails, which have the word “google” in the sender field, warn that access to your account will be suspended if you do not reply within 24 hours.
However, the emails are certainly not from Google and the claim that your email account will be suspended if you don’t reply is a lie.
In fact, the emails are crude phishing scams designed to trick vulnerable users into sending their account login credentials and other sensitive personal information to online criminals.
Here’s an example of one of the scam emails:
From: g o o g l e
Subject: Someone has your password
It is required that you reply within the next 24 hours, We will suspend access to your account if we don’t recieve your reply with in the given time frame, We would appreciate your immediate attention to this matter
If you reply as instructed, you will likely receive a follow-up message that asks you to send your password as a means of verifying your account. The email may also ask for other identifying personal information, ostensibly as part of an account validation process.
If you comply by sending the requested information, the criminals can then use your credentials to hijack your email account and any other linked services that use the same login.
Moreover, once the criminals have you on the hook, they may send further messages that demand that you hand over even more of your personal and financial information. The criminals may use this information to steal your identity.
Keep in mind that no legitimate email service provider will ever ask you to send sensitive information such as account passwords by replying to an email. Any such request should be treated with immediate suspicion.
If you receive one of these emails, do not reply and do not open any links or attachments that it may contain.