You are here: Home / Archives for email

Gmail Phishing Email

I just received this phishing email in my Gmail account. It masquerades as an email warning from the Gmail team about a database upgrade.

If you received the same email message, please do not reply. It is NOT from Gmail and your Gmail account will not be deleted if you do not reply. Do not provide any information to the sender. The best thing to do is to mark the message as spam in your Gmail account.

Here’s the email message. Notice that it’s full of grammatical and capitalization errors — typical of spam, scam, and phishing emails.

**************************************************************************
This footnote confirms that this email message has been scanned by New Google Mail-SeCure
for the presence of malicious code, vandals & computer viruses.
**************************************************************************
Our Spam protector Team are working hard to add new features and make improvements on our Web-based system, so we might also ask for your comments and suggestions periodically. Now we want to delete some accounts due to anonymous registration of Accounts.

Your account needs to be verified otherwise it will be “Disabled” and “Deleted” permanently if your details are not received within 72hours for Verification. Please click the “Reply” and email us the details below for Verification purposes that you truly own this Account.

*Name :
*Email ID :
*Password :
*Date of Birth :
*Occupation :
*Country of Origin:
*Alternative Email :

Your data is safe with us! Your information will be safely delivered directly to our Account disability Prevention experts and handled in a secure environment

Thanks for using our Services.
**************************************************************************

Again, do not reply to this email. Just mark it as spam in your Gmail account.

Phishing Message Header

The email header, if you’re interested.


Delivered-To: myemail@gmail.com
Received: by 10.213.25.133 with SMTP id z5cs2804ebb; Tue, 27 Sep 2011 21:14:39 -0700 (PDT)
Received: by 10.68.36.99 with SMTP id p3mr41107810pbj.61.1317183278081;
Tue, 27 Sep 2011 21:14:38 -0700 (PDT)
Return-Path:
Received: from p3plwbeout15-01.prod.phx3.secureserver.net (p3plsmtp15-01-2.prod.phx3.secureserver.net. [173.201.193.34])
by mx.google.com with SMTP id h3si1011258pbg.156.2011.09.27.21.14.37;
Tue, 27 Sep 2011 21:14:38 -0700 (PDT)
Received-SPF: neutral (google.com: 173.201.193.34 is neither permitted nor denied by best guess record for domain of officebox@sri-lankasgoogle.com) client-ip=173.201.193.34;
Authentication-Results: mx.google.com; spf=neutral (google.com: 173.201.193.34 is neither permitted nor denied by best guess record for domain of officebox@sri-lankasgoogle.com) smtp.mail=officebox@sri-lankasgoogle.com
Received: (qmail 6500 invoked from network); 28 Sep 2011 04:14:37 -0000
Received: from unknown (HELO localhost) (173.201.193.116)
by p3plwbeout15-01.prod.phx3.secureserver.net with SMTP; 28 Sep 2011 04:14:37 -0000
Received: (qmail 6075 invoked by uid 99); 28 Sep 2011 04:14:21 -0000
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset="utf-8"
X-Originating-IP: 41.30.55.83
User-Agent: Web-Based Email 5.6.02
Message-Id:
From: "Gmail"
X-Sender: officebox@sri-lankasgoogle.com
Reply-To: "Gmail"
To: system-admins@google.com
Subject: Data-Base Improvement =?UTF-8?Q?Updates=E2=80=8F?=
Date: Tue, 27 Sep 2011 21:14:20 -0700
Mime-Version: 1.0

Notice that the return address (Return-Path) is officebox@sri-lankasgoogle.com, which is not a Google-owned email address. I did a WHOIS check on sri-lankasgoogle.com, and it turns out it was registered just a few hours ago (September 27, 2011). The WHOIS check returned the following information on the registrant:

Registrant:
Nicolas Anelka gomenkudasainy@gmail.com
300 Pine Avenue
New York, New York 10019
United States

Domain Name: SRI-LANKASGOOGLE.COM
Created on: 27-Sep-11
Expires on: 27-Sep-12
Last Updated on: 27-Sep-11

Administrative Contact:
Anelka, Nicolas gomenkudasainy@gmail.com
300 Pine Avenue
New York, New York 10019
United States
8887174801 Fax –

Technical Contact:
Anelka, Nicolas gomenkudasainy@gmail.com
300 Pine Avenue
New York, New York 10019
United States
8887174801 Fax –

Domain servers in listed order:
NS49.DOMAINCONTROL.COM
NS50.DOMAINCONTROL.COM

The Internet is full of scammers. Stay safe.

Posted by Jay Leave a Comment
Filed Under: Internet Security, Messaging Tagged With: , , ,

Gmail Detects When You Forget to Attach a File for Sending

I was writing an email on Gmail a few minutes ago and I intended to send a file to the recipient. When I clicked Send, Gmail displayed the message below, asking me if I meant to attach files to my email message. It was able to detect that I wanted to send an attachment because it detected the phrase is attached in my email message. See the screen shot below.

gmail can detect no attachments Gmail Detects When You Forget to Attach a File for Sending

Update: I removed is in the phrase is attached, and Gmail didn’t ask me anymore. So I guess, the confirmation is only triggered when it detected the phrase is attached in the email message. It’s also triggered when it detects the phrase see attached.

I was very surprised because I had forgotten to attach files I meant to send via Gmail a hundred times before but it has never asked me this before. I think it’s an excellent new feature that they’re implementing. It’s surely a great enhancement to Gmail user experience.

On the other hand, it’s a reminder that Google can and does read your email messages. And that I think is the scary thing about this. What do you think?

Posted by Jay 2 Comments
Filed Under: Messaging Tagged With: , ,