Wednesday, 4 August 2010

reporting phishing attacks to google

I recently received an emailed pdf from Google Incorporation ( inviting me to apply for some funding.

It was fairly transparently a phishing scam, but the pdf did look like an official google letter. (I have had some dealings with Google professionally and know what Google's letterhead looks like - I suspect the people involved used an AdWords letter)

So, being a good corporate citizen I decided to report it as I reckoned that you'd like to know somone was ripping off your letterhead.

This actually turns out to be extraordinarily difficult. Google have sites and fora for people doing misleading web pages and malicious emails using their services, but nowhere you can actually report that someone is doing naughty things impersonating them while using other people's services.

Now Google is big company, and runs fairly lean and mean, and probably has a gazillion of support queries so you can understand that they really can't cope with email and push people to self help using the fora. But there are the difficult cases.

In the end I emailed the Gmail support team's mailbox and got the 'use the fora' canned response. So I reckoned that it had gone into the great bit bucket in the sky, so I emailed someone I know - not the best solution ...

No comments: