Phishing Attempt

The other day I recieved an e-mail that looked like it had come from Google Analytics, but in fact, it was a phishing attempt. It was titled with the following in the subject;

'Update for Google Analytics ID'

and it contained the following text;

New Google Analytics ExtensionDear Google Analytics user,You are receiving this message because your account (Google Analytics ID: ) can now access the new Analytics Extension that identifies your site visitors for the past 12 months.What's the New Extension?Earlier this year, we introduced Web Leads for Google Analytics that showed users a list of the companies that had visited their website and included such detailed information as company addresses, employee contacts, emails, and phone numbers.Starting August 20, 2018, this new extension will now allow you to view even more information about your website visitors in nearly real-time, including search keywords, contact emails and more.For Google Ads users:If you are using AdWords, you'll be given access to view even more detailed information and useful knowledge about your AdWords visits, including which keywords are used by your visitors before they click on your ad and an option to filter the ads that provide the best leads.Next step:1. Sign in with your Google Analytics account today to access the new extension.2. Sign in with your Google Analytics account before September 15th to view your website’s full 12-month visitor report.All Web Leads data can be downloaded for free into Excel or Google Docs. If you have further questions, please contact us at any time by email or via our live chat support.

It had a link at the bottom urging me to sign in to my analytics account,

I smelled a rat as the e-mail address that it had been sent to was not the e-mail address that was associated with my Google Analytics account and also it was addressed as 'Dear Google Analytics user'.

I hovered my mouse over the link and I could see that the web address that it would take me to was not that of Google analytics, there was no mention of any details of me or my account with Google.

The email account that it had come to was 'info at my domain name'. I did not have this email account in existance and it never had been, so I looked at my e-mail server settings and noticed that there was an option to bounce email for non existant users and this was turned off, so I realised that with this turned off, any one could send an email to me at my domain name , all they would need to do is make an email address up, by putting any word in front of the '@' symbol, such as 'info' or 'admin' and then add 'mydomain name' and this could then be sent and forwarded to my regular e-mail address.

I have now turned on the 'bounce for non existance users' so now any made up address or old emails will now bounce back to the sender.

I urge everyone to be very vigilant and check e-mails carefully and also to check settings in your hosted e-mail accounts.