Widespread Gmail phishing email lures users with cash prize
IT security firm Sophos has warned of a widespread phishing email campaign that tries to trick users out of money by pretending to be a cash prize from Gmail, Google’s popular free email service.
The emails claim that the recipient has been randomly selected for the 500 US dollar cash prize, and that the money can be automatically paid to them if they click on the embedded web link.
Part of the email reads as follows:
‘You won $500! Gmail congratulates you!
YOU WON $500!
Gmail gives members random cash prizes. Today, your account is randomly selected as the one of 12 top winners accounts who will get cash prizes from us. Please click the link below and follow instructions on our web site. Your money will be paid directly to your e-gold, PayPal, StormPay or MoneyBookers account.’
The link users are directed to click on pretends to be a legitimate Gmail link, but actually takes them to a web page saying that there has been a problem sending the payment. They are then asked to enter their details and pay a membership fee of 8.60 US dollars.
“Of course this email wasn’t really sent by the folks at Gmail, and the 500 dollar cash prize doesn’t exist. Anyone tempted to try and collect it is in danger of walking straight into a trap set by these fraudsters,” said Graham Cluley, senior technology consultant for Sophos. “People need to learn that there is no such thing as a free lunch, and be much more wary of unsolicited email communications whoever they may appear to come from.”
Earlier this year, Sophos revealed in a survey that 58 percent of people receive at least one phishing email every day. The company strongly recommends that all organisations protect themselves with a consolidated solution which can defend against the threats of spam, spyware and viruses.