I have received the following notification for several times, but I never want to respond. Is this notification authentic?
"Waitlist reason: Gmail (supportsacounts![[put at-character here]](image/at.gif) gmail.com) is not on your Guest List | Approve sender | Approve domain |
We are shutting down some email accounts and your account was automatically chosen to be deleted. If you are still interested in using our email service please fill in the space below for verification purpose by clicking the reply button. Learn more
Account:
Password:
Birth date:
Country:
Warning!!! Account owner that refuses to update his or her account within Seven days of receiving this warning will lose his or her account permanently.
Thank you for using Gmail!
The Gmail Team
GMAIL" |
Looks like phishing to me... |
This one is phishing for sure. All similar notifications are phishing, but sometimes they sound very convincing. Here's how to handle a notification if you think it might possibly be genuine.
Don't click on any link in the email. Open up your browser and type in the address of the service (found from your own records, not from the suspect email). For example, if you received a suspect email saying it was from Gmail, you would type in this address:
h t t p s : / / m a i l . g o o g l e . c o m
(spaces inserted above to stop it being modified by the forum software)
Log in as normal on the genuine website. If the event being notified by the suspicious email was real, it would ALWAYS be notified here too.
Delete the phishing email so that you won't accidentally click on its links in the future. Better still, if your email system allows, mark the message as spam to help protect others from the phishing. |
No service will EVER ask you for a password via email.
[personal attack deleted] |
> No service will EVER ask you for a password via email.
If only it was that simple.
It's commonplace when you register for a new service to be asked to click on an email link to confirm that you have registered under your own email address. Once you do that, there is usually a "login" link on the resulting webpage.
When PayPal's algorithms think you've been hacked, you need to submit not only your password but also some additional information (like bank account numbers or credit card numbers) before you can get your account re-enabled. That particular notification email has no links in it, so you are forced to use your own bookmarks or type the address into the URL bar yourself. But then when your account access is restored, PayPal sends you an email with clickable links for "Security tips" and "Help", and on those pages is a login link.
So it's certainly possible for a phisher to collect passwords by sending out facsimiles of legitimate emails. |
