top of page
OpaCyber

Expect fake gmail notifications

Phish Alert - Someone tell grandma! 🤣


and the kids, your parents, and anyone else you can think of..


We heard this was coming down the pipe, and now we’ve received one (and plenty more to come based on the number of gmail accounts we have for.. em, testing!)


We fully expect bad actors are going to try and use variations of this email for phishing purposes.


This example is genuine!


Google will, in the next few months, start to delete inactive gmail accounts (Personal gmail not Google Workspace, so that’s e.g. BobSmith @ gmail . com not BobSmith @ example . com) that have not been used in the past two years


We’d have liked to see Google send an email with no links, as the bad actors will “definitely” be including a link in their phishing attempts. Instead, this example has EIGHT links 🤦‍♂️


How to spot the good from the bad:


The genuine email will come from the address highlighted (no-reply @ accounts . google . com) - make sure that’s the actual address and not just the Display Name 😊



Example of genuine google email
Exampe of geniune Google email


The fake, phishy, email will probably have a link and there will be social engineering red flags to spot:


🚩 The link might be BIG and BOLD

🚩 There will be a sense of urgency: you have to do this by… x date


Whether or not you have a gmail account that hasn’t been used for a while, NOW would be a great time to log in to it and:


Set or verify a recovery email address (another of yours or a friend’s / family member’s)

Check that 2FA is turned on or if not, set it up (yes, we know Google’s way of implementing 2FA is a pain but so is getting your account pwned).


Stay Safe!! If you need help with your business cyber security, send us a message, we will be happy to discuss your needs.

bottom of page