This appears to be a legitimate email from google regarding an attempt to use my password to log into google. Sent to an old AOL account i keep for trash. They used the first half of my AOL address with an @googlemail.com, which is close to a googlemail address i actually have and asks me to log in to verify the activity.
Im not sure how they intend to access my gmail accounts as this is a legitimate email from google and would direct me to the google accounts page so they would not have visibility of my passwords i use to try to log in.
Im not sure what this is.
Why would they use my AOL email address as a recovery account for a fake gmail account i dont have access to? How to they intend to get my log in details this way?
Any thoughts anyone?
Ps hope this is the roght place for this question.
When I receive things like this, I make sure to open Gmail from within Firefox with all extensions meant to defend me (like NoScript, unlock origin, privacy badger, https everywhere) and then I hover over the gigantic button “check my activity” and see if it leads to a accounts.google.com link.
Either way, I then copy the link address without clicking on it, and open it in a private window to see what happens. If it’s a scam, the page it opens has a legit looking, but wrong google address (aka, it cannot really end with google.com). Then I just stop having fun and don’t continue nor type anything
What does it look like in your case?
But google and googlе may not be the same.
Homograph attack uses other characters that look the same.
Go here: https://mothereff.in/utf-8 and paste-in both previous instances of “gооgle”, and you’ll see they differ.
Fun fact: The one in quotes is also different from the two.
Firefox knows the difference though, it won’t pull your passwords or login cookies. But yeah, it’s very easy to fall for phishing attempts, I just never click on anything sent in a mail to be safe.