TOKYO (MacHouse) – Almost three hours ago, an organized cyber criminal group circulated a suspicious e-mail message involving Google‘s Gmail. The message titled Inactive contains a hyperlink. By clicking on it, one will be directed to a scam website to harvest Gmail accounts.
Screenshot 01 – Source:
Screenshot 02 – Source:
Now, let’s see quickly why we think this e-mail message is nothing but fake, making it look like it had been sent by Google. Screenshot 01 shows the source code of the scam message. The header indicates that it originated from a server whose IP address is 188.8.131.52. It shows that it comes from heliohost.org. In fact, this IP address is traced to a server belonging to an organization called Helio Networks. (Screenshot 02 shows a screenshot of Helio Networks’ website.) What are chances that Google rented HelioHost’s server to send a message to a bunch of Internet users? Pretty much zero…
Most likely, this scam message has been circulated by a group of high school drop-outs who are stupid enough not to know how to manipulate the e-mail header. We wish all cyber criminals were this stupid.