Category: Gmail Scam

Jan 15

Beware of Tech Support Scams for Gmail, Netflix, AOL, Facebook, Yahoo etc

By making use of online advertising platforms such as Google Adwords, Facebook Advertising and Yahoo Ads, fake technical support services have been scamming people out of their money for many years, until last year on 14 May 2014 when the advertising giants decided to ban tech support websites from advertising on their platform.
At least 2400 fake tech support sites were taken down after the concerned advertising platforms were inundated with customer complaints. Investigations revealed that the scammers posed as support staff for legitimate companies like Netflix, Facebook, Google and AOL. The scammer will put a paid advertisement on the internet where potential customers can find the advert by browsing the sponsored search engine results or alternatively the potential victim will come across a display ad like the one you see on Facebook. An example is shown below:
Fake Ad for Gmail Tech Support Scam 

Users who are looking for support or seeking to solve issues with their online account will call the fake tech support company for help. As you can see above, the scammer gives a toll-free phone number for instant chat on the Ad offering “instant online solutions” by “certified technicians” who are there 24/7 all year long to “secure your data in a safe medium”.
The wording gives you the feeling that you are working with professionals who can solve your account issues instantly. When you call the number, the “representative” will offer you a solution to fix your problem. He or she may tell you to pay with your credit card or they can convince you to download a file or install some software immediately on your computer.
If you send money, they will pretend to solve the problem and you will not hear from them again. If you download the file onto your computer or install the software, then you have just been infected with some malware that will steal your data and send it to the scammer for criminal purposes.
The aim of the scammers is to get as much information as they can from the victim they are talking to. They will try to extract sensitive details like your password, try to charge your credit card online, sell you a product or make you install some software that will capture your computer keystrokes.
Scammers may also cold-call you instead of putting Ads on the internet .Read This >>> So Google Called You?
Fake Email – Netflix Tech Support Scam

Besides using Ads and cold-calling, scammers may send you a fake Email that seeks to address your account issues. For example, there have been reports of Gmail users receiving fake emails purporting to be from Netflix Technical Support. The email, complete with a Netflix logo informs you that your account has been suspended and you are required to regain access by calling a specific number that is given in the message.
Even worse, the scammer may send a phishing email that will download a malicious file on your computer when you click the link.To get an insight into tech support scams, read the Malwarebytes blog

Jan 15

Ransomware Virus / Trojan like CryptoWall Will Lock Your Computer Files and Demand Payment

3 Law Firms Attacked By CryptoWall Ransomware Virus – $50,000 Lost in Ransom Money

You have probably heard about the infamous Cryptolocker ransomware virus that first made headlines in 2013. Before the malware ring was cracked down by the FBI, it had affected over 500,000 people and netted over 3 million USD for its operators in ransom money. The Cryptolocker ransomware was distributed through the Zeus Trojan horse, a stealthy phishing malware affecting millions of computers around the world, especially the USA and other developed English-speaking countries.

Ransomware simply encrypts all your files once it gets installed on your computer by a virus or other malicious agent. It can encrypt the files in an entire network of computers, making it a deadly threat for companies and organizations. The files cannot be decrypted or opened because the key is kept by the attacker. In order to get the key and get access to your files, you have to buy the key from the attacker. The Cryptolocker criminals were charging $400 to unlock the files, paid through bitcoin.It was only after the Cryptolocker ring was busted by the FBI, that the victims were able to get access to their files via a special website called Decrypt Cryptolocker.
Despite shutting down Cryptolocker, new types of ransomware viruses are emerging, and one of them is called CryptoWall.In Vancouver, USA, three law firms have been attacked by the virus, and one firm paid $50,000 to recover their files.Ransomware operators are like hostage takers, they will give you a deadline to pay the money or else you will not get your files. The firm was given 72 hours to pay the money or kiss goodbye to the files.
If you don’t backup your files on a system that is not attached to your computer or network, then you will not be able to get a copy of your files. The virus can look deeper and encrypt files in removable hard drives that are attached to your network.
The worst thing about ransomware is that there is no way to unlock the files without the help of the hacker. If developers can create a strong encryption system for banks and online stores, what can stop blackhat developers from creating a similar encryption for criminal purposes?
There are multiple ways in which ransomware can be delivered on computers. It is most commonly delivered by phishing emails, however it can also be installed on your computer through fake tech support scams. You should watch out for fake emails in your inbox. Clicking links in phishing email will download malware on your computer.
How to Protect Yourself from Ransomware like CryptoWall
The threat of ransomware should be taken seriously because there is no way of unlocking your computer files once they are encrypted. Unless you have a backup, you are screwed. To protect yourself against ransomware viruses, you must do the following:

·         Install CryptoPrevent.This antivirus program was especially made to block the Cryptolocker ransomware,but it can also block similar types of ransomware through its virus update.
·         Program whitelisting: A program whitelist is an effective way to stop unauthorized programs from installing and running on your computer. Antivirus programs usually rely on an updated virus database to detect threats, leaving the possibility of unknown viruses to infect your computer. A program whitelist can stop unknown viruses and exe files from running on your computer.
Use AppLocker
·         The Windows 7 Ultimate OS  as well as the Enterprise Editions have a whitelisting feature called Applocker.If you don’t have the Applocker on your PC, you can whitelist programs using the Family Safety feature
Backup Files
·         Make regular backups that are stored elsewhere, separate from the network e.g. on a cloud server like DropBox, OneDrive, or Google Drive.
Disconnect Internet
·         Computers with vital data should be disconnected from the internet. The ransomware virus is spread online through phishing email, disconnecting the backup servers from the internet will save your files from malware.


Jan 14

Gmail Scam – Fake Phishing Messages about Your Google Account

Gmail scams where the scammer sends fake phishing messages are not new. While a basic Gmail phishing message is easily identifiable, some more sophisticated messages are subtle and cleverly disguised, making them hard to catch. However, whatever the level of sophistication, there are common characteristics between these fake emails – the goal is to steal your login info and ultimately get access to your bank account or credit card.
One type of email phishing scam that is doing the rounds, which you should watch out for, is an email that comes into your inbox, purporting to be Google. As you might know, it is much easier to open an email from a trusted brand and click the link without a second thought. On the other hand, when the email is coming from an unknown website or vendor, your red flags will be triggered.
The latest scam as reported by KiviTV includes convincing legitimate-looking messages which look exactly like Google email formats. In one email, the scammer informs you about your Gmail account which has exceeded the allowed storage quota. In another variation of this scam, the message might be different, telling you that your email has been delayed or deferred. The goal of this trick is to scare you into taking immediate action to restore your Gmail service. You will click the link in panic, but alas, the link will take you to a malware site or download viruses on your computer.
Using a bit of common sense, like checking the amount of free space left on your email might save you from this phishing attack, but since the messages look so real and convincing, you will be tempted to click the link, besides most people have little time for investigations.
How to Identify Fake Phishing Messages
By doing a little investigation before you click a link inside a Gmail message, you can save yourself from phishing attacks:
          Check where the mail is coming from, the dumb scammer will use a clearly fake email domain, the sophisticated scammer may cloak or disguise the fake domain and the advanced scammer will use a genuine domain to trick you >>> Read This
          To reveal fake domains that are hidden by hyperlinks in the message body, hover your mouse over the hyperlink or URL to see the true domain. The hyperlink will be google.combut the true domain will be something different e.g.

Fake URL – Hover Mouse Over Link To See True Destination

Fake URL – Hover Your Mouse Over Link To See True Destination

Genuine URL – Hover To See True Destination

          Compare the email with a real Google email, you might notice some small differences between their design and formatting.
          Grammar errors and typos are one of the common giveaways for scam emails.
          USB Security Key : This is a surefire way of protecting yourself against phishing messages and fake websites.

Jan 12

Sophisticated Google Docs Phishing Scam Uncovered By Symantec

A Gmail Phishing Scam That You Cannot Escape
So one of the basic rules in identifying a Gmail phishing message is to check the email domain, the name at which the email is hosted. You can do this by opening the message and reading the sender’s email address at the top left corner of your message, the [from:] field. As you can see in the screenshot below, the mail is coming from the authentic Gmail Team  If you see a misspelled domain or any email domain that tries to imitate Google, for example,, and many other variations, then you should know that it’s a fake domain.

Authentic Google Email Domain

Authentic Google Email Doman

However, as revealed by Symantec, scammers are getting more sophisticated and clever. They have devised a new phishing trick that makes use of an authentic domain name used by Google and Gmail. What does this mean? Well, it means you should be more wary, you should not rely on one sign to identify a fake phishing email. Look for many tell-tale signs. In this case, most people would easily be tricked into signing on a fake page because the domain is authentic.

The scammer who devised this trick definitely knows that many people will log into a fake page if the URL or domain is real. Besides using an authentic Google domain which makes use of a secure SSL certificate, this smart scammer created an authentic-looking Google Drive login page. Here is how the system works:
Inside Google Drive, which is a cloud server, the scammer created a public folder to host a fake Google login page. Google Drive files can be shared as a link and they can be opened online via Google Docs to view them. The scammer then inserted the links in Gmail messages, along with a message asking the recipient to open an “important” document. On clicking the link, the recipient will be directed to a fake Google Drive login page. All the while, the recipient will see an authentic Google URL, so there is no reason to doubt the authenticity of the page.Also, if you are regular user of secure websites, being asked to sign in again is not a new thing. It is not a surprise therefore that most Gmail users will think that being required to log in and out of your account is a security measure that Gmail takes to protect your account.
Once you sign in on the fake page, your login details will be captured and sent to an external server hosted by the scammer.What makes this scam sophisticated is that it doesn’t leave you with a feeling that something is wrong. It’s a smooth operator, after clicking the sign-in button, you will be redirected to the Google Docs document that was promised in the email.

Google Drive Login Phishing Page That Looks Real

So How Do You Protect Yourself?
We said one of the rules for identifying a fake phishing page is checking the domain name.However, what if you are hit by a scam that makes use of an authentic domain or URL as demonstrated by the scam above? Anyone can be a victim of this scam, and above all, you will be a victim without knowing it. Here are ways to protect yourself from this scam:
          Use a FIDO U2F USB security key. This USB key can identify phishing pages.

          Enable 2 Step Verification. It will not stop your password from being stolen but it adds an extra layer of protection (mobile phone verification) to stop hackers from accessing your Gmail account.

Jan 11

So Google Called You? It Might Be a Scam

Gmail User Almost Lost $99 to Google Called You Scam

One of the scams reported by Gmail users is when a scammer claiming to be a Google representative calls you to send your credit card or payment in order to fix your account issues. After getting hold of your number (from the internet or telephone directory), they will call you, telling you that your Gmail account has been hacked or compromised.

Of course this is a lie. They will tell you to send money or submit your credit card in order to fix the problem. Apparently, this is a scare-marketing tactic, a trick to steal your money or credit card information. As one man in Huntsville, Alabama found out, he became a target of this scam but fortunately he was not the gullible type to fall for this trick.
A man claiming to be a Google representative called James Hilliard, and told him that his Google account was compromised and somebody was sending X-rated spam from the account. In order to fix the problem as soon as possible, and after being referred to several anonymous contacts, he was told to send $99 to a company called Ask Mask LLC in Georgia.
James Hilliard refused to give out his credit card information or pay, his instincts had already detected something fishy about the callers. Source >> WHNT News 19
If you are a Gmail user, you should know that Google will never call anybody informing them about their account. Gmail has millions of users, and certainly Google doesn’t have the resources to call each and every owner of a Gmail account. It’s not written in their policy, they will never call anybody. The only occasion when you speak to a Google representative on the phone is when you initiate a phone call, enquiring about your advertising campaign.
So Who Are The Google Scam Callers?
If you receive a phone call from somebody claiming to be a Google employee, then it’s definitely an illegitimate organization or company. Shady Telemarketers in the USA are well known for using brand names like Google to entice potential customers. They will entice you to buy a product or “solution” to solve your problem. For example, a telemarketer who sells Galaxy S4 Unlock codes might call you and claim to be an AT&T employee, he or she will tell you that your SIM Card is blocked and you need to send money to unlock the SIM.
Scammers come with different approaches, a caller might tell you that you have won a Google sponsored award for “Best Gmail User of the Year” or that you were randomly selected to participate in a Lottery for Gmail users. The next thing is obvious, the caller may ask you to make a credit card deposit or submit your personal details.
If it’s too good to be true or unsolicited, then it’s probably a scam.