Legacy Blogger Account Scam. Google hacked? [Warning]


I got this mail today from blogger-support@google.com.
I guess this has to be a scam. I would suggest everyone not to click on any links in this mail. Correct me if I am wrong.



-----------
Subject: Final reminder to update your legacy Blogger account
-----------
Hello,

You are receiving this message because your email address is associated with an unmigrated legacy Blogger account. As we announced in April of last year, legacy accounts will no longer be accessible after May 30th, 2012 unless they are updated to the Google Account system. Any blog content associated with this account will also be unmodifiable after that date.

To transfer your blog to the Google Account system you need to visit the Legacy Migration page at http://www.google.com/appserve/mkt/iMA2S1grKn3Zbo right now to make sure that your account and associated blogs are claimed. If you’ve forgotten the Blogger password that is associated with this email address, you can use our Account Recovery page at  http://www.google.com/appserve/mkt/Jhgj7jqe5HauJY to request password information to be sent via email.

For more information, please see our initial announcement we posted to our blog at http://www.google.com/appserve/mkt/RbroWLEb2H3GPo . If you have questions, please visit our Help Forum at http://www.google.com/appserve/mkt/grV44ag1ff9mB0 and create a message with [Legacy Account] in the subject line.

Regards,
The Blogger Team
Google
1600 Amphitheatre Parkway
Mountain View, CA 94043
----
This e-mail is being sent to notify you of important changes to your Blogger account.
------------


Google has not responded yet on any forums or blogs, and some googling suggests that very few people seem to be doubting the authenticity of the email. I'll wait to see how soon the tech and security blogs pick it up.

On forums like these,
 http://productforums.google.com/forum/#!category-topic/blogger/something-is-broken/l6QlxmXIfTU,
 http://productforums.google.com/forum/#!topic/blogger/OtEOplMkE8Q

a guy called "Brett from Blogger" is replying to posts convincing people that the issue is real and collecting blog urls and locations from users. (!)
Screenshot :



When you google "Final reminder to update your legacy Blogger account", many blogs come up in search links that have just this email as the latest post. I assume these are the blogs that have already been compromised.


Here's why I think it is a scam.

  • It does not address me by my name but by "Hello"
  • I have multiple blogs but this mail does not mention the title or url of any of those blogs. 
  • This page seems to suggest that everyone who tried to "transfer blog to the Google Account system" was unsuccessful
  • When I go to my blogger account @ www.blogger.com, I get no notification about any migration. 
  • I did not hear of any announcements that the email mentions. 

This is actually a well-designed scam because:


  • All pages linked in the email 'seem' to be on the google.com domain and use https. I don't know how they did it. Are the Google servers hacked? Chrome seems to suggest that the URL is legitimate.
  • The FROM address is blogger-support@google.com. 
  • There seems to be a fake forum on google groups which has a lot of posts regarding this migration. 
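
The checks in the two lists above can be applied mechanically to a message. The following is an added example, not code from the original post: it runs them over a constructed excerpt of the quoted email. The function names, the sample recipient name and the sample blog address are assumptions made for illustration.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit

# Constructed sample: headers and two body sentences from the message quoted in the post.
RAW = """\
From: blogger-support@google.com
Subject: Final reminder to update your legacy Blogger account

Hello,

To transfer your blog to the Google Account system you need to visit the
Legacy Migration page at http://www.google.com/appserve/mkt/iMA2S1grKn3Zbo right now.
If you have questions, please visit our Help Forum at
http://www.google.com/appserve/mkt/grV44ag1ff9mB0 and create a message.
"""

def host_in_domain(host, domain):
    """True only for the domain itself or a real subdomain, not a look-alike."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def triage(raw, my_blogs, my_name):
    """Summarise what the message itself shows; my_blogs and my_name are the recipient's."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    from_domain = msg["From"].rsplit("@", 1)[-1].strip("> ").lower()
    links = []
    for url in re.findall(r"https?://[^\s<>\"]+", body):
        parts = urlsplit(url.rstrip(".,)"))
        links.append({
            "host": parts.hostname,
            "scheme": parts.scheme,
            "host_matches_from": host_in_domain(parts.hostname, from_domain),
            # An opaque token path says nothing about where the link finally lands.
            "opaque_path": bool(re.search(r"/[A-Za-z0-9]{12,}$", parts.path)),
        })
    return {
        "from_domain": from_domain,
        "links": links,
        "addresses_me_by_name": my_name.lower() in body.lower(),
        "mentions_my_blog": any(b.lower() in body.lower() for b in my_blogs),
    }

if __name__ == "__main__":
    # Hypothetical recipient details, used only to exercise the checks.
    for key, value in triage(RAW, ["myblog.blogspot.com"], "Alice").items():
        print(key, value)
```

The hostname comparison is done on the parsed host with a suffix match, so a host that merely contains the string "google.com" does not count as a match.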


If this is a real email, then Google has really goofed up this time.


UPDATE:
Here are the screenshots of the pages I got when I clicked on the links in the email.








--------------------------------------------
Now someone has taken advantage of the situation and is collecting email IDs on a simple Google Docs form. Google's services being used to phish. Nice. Happy spamming dude!

Here's a screenshot.

------------------
Someone set up a fake page on blogger (yes!) to make it seem like a known issue. 

This guy seems to KNOW how to really get your 'legacy blog' back. (!)
http://www.thoughtandmemory.org/2012/04/blogger-legacy-account-final-warning.html

---------------------------------------
UPDATE
There are other scam-like things hosted on similar URLs. Like this one


Can't wait to know the truth. Till then I would suggest everyone not to click on any links in this mail. Correct me if I am wrong.

It seems someone is going to win Google's Vulnerability Reward Program
 http://www.google.com/about/company/rewardprogram.html



1 comment:

  1. Excellent site you have here but I was curious if you knew of any discussion boards that cover the same topics discussed here? I'd really like to be a part of a community where I can get suggestions from other experienced people that share the same interest. If you have any recommendations, please let me know. Bless you!

    My web site :: easy diets that work
