14 DAY TRIAL // If you came across an email entitled “This office is refunding today,” purporting to come from the Central Bank of Nigeria, you’d probably think you’re dealing with a classic 419 scam. In reality, cybercriminals are using such an email to trick users into handing over their Google credentials.
The emails read something like this:
“We have a great news for you this end of year. The Government have finally approved that every penny/dime you have spent in regards to your fund will be returned before Christmas.This must be done within the next 72 hours so that we can begin the transfer/delivery process of your fund.
Now to confirm you are the actual beneficiary of the said fund. You are advised to open the attached file and then fill in your information. Your information should not be written on email but inserted on the file attached so you must open the attached file to fill in your information.
We need you to do this today so that things can be finalised before the end of the year. The file attached is encryped to it is only for you and you alone. You are therefore advised to open the attached file to confirm you are the actual beneficiary as you know so many people have came to cliam your fund.”
As Hoax Slayer highlights, this looks like one of the emails sent out by Nigerian scammers who want to trick internauts into handing over personal information, and paying certain amounts of money allegedly needed to complete the transactions.
However, in reality, the file that’s attached to the scam emails is a Google phishing page that’s designed to harvest Gmail usernames and passwords.
The data entered by victims is stored on a server controlled by the cybercriminals. This particular tactic could be highly effective since it doesn’t require any newly registered or compromised websites to host the phishing page.
In case you come across such emails, act with caution. If you’re already a victim, change your Gmail password immediately.