I’ve had a gmail account for a while, but recently I’m asked to sign in to a gtmail account. The URL for the “Can’t access your account” feature is:
“h t t p s ://w w w.google.com/a/cpanel/gtmail.com/ForgotAccountInfo”
(without all the spaces)
The whole thing is throwing up all sorts of red flags including the fact that googling “gtmail” returns results for “gmail” by default. Even when I insist that it’s “gTmail” that I’m searching for, I don’t get any substantive hits like you would expect for a Google based product.
I suspect it’s a phishing expedition. Don’t click on their link, but access your gmail account by typing mail.google.com in the address bar, or by clicking on the gmail link in the Google page.
Try this link here. You’ll find a couple of interesting articles about Gmail and phishing. I didn’t follow all the links, but I didn’t see one that leads to a place to report it. (!) The one about “Messages asking for personal information” gives a lot of info though. Follow FatBaldGuy’s suggestion about how to get to the right site where you should be able to log in.
The URL is a Google Apps business URL for the domain gtmail.com. It does appear to be a form of phishing where the app for that business will ask for your email address and then probably goes on to ask for your password. And you respond with your gmail address info. Very clever as they get you to go to a real google.com web site. I signed up for Google Apps just to see what would happen and I get a site with a URL like this:
The owner may be able to configure a page for Forgot Account Info intended for their own users but hoping you will enter your gmail.com information instead.
If I understand domain naming convention right, what comes rightmost in the name, next to the rightmost instance of .com or .org, etc. is the domain you’re really going to and not the first one in the name string next to “http(s)://” right? So if you think you’re going to google.com based on the leftmost characters you are actually going to cookingwithgas.com as seen on the right?
And this is definitely behavior you need to report, as it definitely violates the Google Apps terms of service. Here’s the abuse report form. Be sure to mention that they are phishing for your Gmail account information, and quote the entire email.
No. It’s always the one on the left. The issue here is that Google lets you sign up for a special account if you own your own URL. This is why I’m saying this needs to be reported to Google. Someone is using their Google Apps feature to try to steal account information.
(The fact that the OP is getting an error now doesn’t mean it didn’t work previously. There’s just point in such an email unless that’s what they were doing.)
The only other thing that might be to the left of the hostname in a URL is a user : pass combo, in the form http://username: password@foo.com/bar.com/ (no space) - again the hostname here is foo.com.
Okay, having read more information, it’s possible this is a bug of some sort. But that’s still something Google needs to sort out, so I’d still report it.
“Always on the left” does have a caveat, and it’s an important one.
Note tellyworth’s second example above; the one with “username:password”. Phishers sometime use that format to fool people into thinking that the link is for a valid domain. They do so by using a valid domain in the “username” position.
Another trick is that scammers will use subdomains to make it look like something more official. Recently I’ve been receiving phishing attacks on World of Warcraft accounts that started with something like: http://www.blizzard.com.xml-login.net/more/stuff
That’s probably a better way to put it, considering Dr. Strangelove’s example.
The problem of course is that most people have no clue as to how URLs are constructed. Which is completely understandable if they’re not IT professionals.
Scammers will always find a way to slip things past non-technical (and sometimes technical) people. I don’t know what the answer is.
It doesn’t help that URLs are sort of odd and confusing to begin with.
The domain name part is read in one direction, the path in another, and there’s seldom-used access control that can be put at the beginning and obfuscate things more. It’s a mess.
If URLs looked like:
com.google.www/foo/bar it would be easy to just always read them left to right. The left edge would always be the top of the tree.
user:pass is still weird to deal with, but it should probably just not go at the front. If we want to be able to tell where links go by reading them, then there needs to be a well-demarcated starting point that’s always there.
I don’t disagree but I doubt that it’s fixable at this point.
The browser feature mentioned by Dog80 is certainly a help, but people need to be taught to use it. Maybe an extra field in large type showing just the top and second level domain names would help. It could say something like “You are at this domain: yourbank.com”