Google passwords targeted in new phishing campaign

A new phishing campaign is targeting users of Google's services such as Gmail, a computer security firm warned this week.

 

Sophos said stealing a Gmail password can give an identity thief access to other Google services - including Google+, Adwords, Google Checkout, Google Docs, and YouTube.

 

"(The phish campaign involves an email) pretending to come from Google’s team... claims that the recovery email address associated with your Google account has changed, and if you do not verify it then you might lose your account in its entirety," it said in a blog post.

 

It said the email claims to have changed the Gmail user's recovery e-mail address to meesheey@hotmail.com.

 

The email went on to claim that if the Hotmail address is not the correct recovery address, the recipient should follow "instructions" in updating his or her account.

 

"Clicking on the link in the spammed-out email does not take you to your Google accounts settings, however. Instead, you are taken to a compromised website which is hosting a phishing page - designed to steal your password," Sophos said.

 

"Always take care about what links you click on, and don’t enter your personal information until you are confident you have reached a legitimate site," it added. — TJD, GMA News