Have a Google or Gmail account? Watch out for scam emails posing as messages from Google. They may look like official notices about your account, but they carry malware. The same will apply to Hotmail, Yahoo, and other email users also.
How the Scam Works:
You receive an email that appears to be a message about your Google or Gmail account. One version of this scam informs you that “You have exceeded your email limit quota.” Another tells you that “you have a deferred email.” The text is hyperlinked in both, implying that you should click for more information. Don’t do it!
Clicking on the link will download malware to your computer. Once on your machine, it can hunt through your files for personal and banking information. This opens you up to the possibility of ID theft. We advise not clicking on ANY links in an email unless you are 100% sure and confident that you know the sender of the email.
These scam emails are particularly tricky because they look so real. They have details like Google’s address in the footer. One version actually has a link to “unsubscribe” and “change my notification settings.” Be sure not to click these links because they also may contain malware.
How to Spot a Scam Email:
- Check out the “From” field: Scammers have the ability to mask email addresses, making the message appear to come from a legitimate source. But they don’t always use it. In this scam, the “Google” emails aren’t actually from a @google.com address.
- Watch for typos, strange phrasing and bad grammar. Scammers can easily copy a brand’s logo and email format, but awkward wording and poor grammar are typically a give away that the message is a scam. In the example above, the phrases “limit quota” and “deferred email” are a sign that something’s not right.
- Hover over URLs to reveal their true destination. Typically, the hyperlinked text will say one thing, but the link will point somewhere else. Scammers either set up fake websites or hack into third-party sites and use them to host malware.
- Watch for look alike URLs. Be wary of sites that have the brand name as a subdomain of another URL (i.e. brandname.scamwebsite.com) or part of a longer URL (i.e. companynamecustomersupport.com).