Although I have already discussed several similar cases on the blog, it never hurts to post more examples to learn and avoid falling for these tricks. The following are two fake emails trying to steal Hotmail and Gmail passwords, pay attention especially to the second example which looks very real.
Fake Hotmail email:
The message is in English and refers to an alleged confirmation of the account to be made, when you move the pointer over the link you can clearly see that the destination is a strange page, this added to the suspicion of the message itself clearly indicates that we are before a phishing attack.
At the time of writing this post the landing page was no longer operational, but you can see another example here.
Fake Gmail email:
In this case the message is in Spanish and it looks more convincing although the wording is not good, it refers to a deactivation of the account and explains how to reactivate it, simply click on Activate Account:
If the victim does not detect the deception and clicks they will end up on a page like the following:
Notice the design, it's a exact copy of Gmail that could perfectly fool anyone. However by paying attention to the URL (something you always have to do when entering passwords), you can see that the real domain is a .info and not gmail.com as at first glance it seems.
It's that simple, you can lose your password and compromise information, that's why you have to be careful with received messages and not be carried away by the appearances of the pages.
Thanks Rodrigo and Neri for the shipments.
See also: Report phishing from Gmail and Hotmail. QR codes with Trojans and also phishing. Fake researchers who claim to steal passwords.