Phishing Attempt

The other day I recieved an e-mail that looked like it had come from Google Analytics, but in fact, it was a phishing attempt. It was titled with the following in the subject;

'Update for Google Analytics ID'

and it contained the following text;

It had a link at the bottom urging me to sign in to my analytics account,

I smelled a rat as the e-mail address that it had been sent to was not the e-mail address that was associated with my Google Analytics account and also it was addressed as 'Dear Google Analytics user'.

I hovered my mouse over the link and I could see that the web address that it would take me to was not that of Google analytics, there was no mention of any details of me or my account with Google.

The email account that it had come to was 'info at my domain name'. I did not have this email account in existance and it never had been, so I looked at my e-mail server settings and noticed that there was an option to bounce email for non existant users and this was turned off, so I realised that with this turned off, any one could send an email to me at my domain name , all they would need to do is make an email address up, by putting any word in front of the '@' symbol, such as 'info' or 'admin' and then add 'mydomain name' and this could then be sent and forwarded to my regular e-mail address.

I have now turned on the 'bounce for non existance users' so now any made up address or old emails will now bounce back to the sender.

I urge everyone to be very vigilant and check e-mails carefully and also to check settings in your hosted e-mail accounts.