I got an email from Google saying that I’ve been violating Google policies and that my account has been locked and disabled. How can I contact Google to ensure that I can restore access to my account? I have hundreds of emails and documents in my account and can’t lose access to them!
Before we go any further with this, take a deep breath. Hold it. Let it out slowly. You’re fine. This is not an email from Google itself, but from a malicious group of hackers using what’s known as a “phishing” attack to try and obtain your account credentials so they can hijack your Google account for their own purposes. The way it works is that they send what looks like a legit email message that warns you of something dire and then require you to respond with login and password credentials to “prove” you have access to the account. Then they log in, change the password without telling you, and you then are indeed locked out of your own account.
While this particular email is related to your Google or Gmail account, these are also quite likely to come from financial institutions because if they can gain access to those, they can transfer actual balances into their own accounts before you regain access, stealing not only your account but your money too. That’s why you sometimes get email from banks warning about account access and security even though you don’t actually bank with that institution! They’re all scams.
Truth is, the vast majority of organizations are so aware of the plague of phishing scam email attacks that they rarely if ever send email any more, and if they do, basically just say “log in to our site, check your account for messages”. In all cases, type in the URL of that organization rather than click a link in an email, however legit it appears. One easy way to protect yourself.
I dug through my spam folder and found a Google “account locked and disabled” email to step you through what’s going on and how to recognize the scam too. Subject “Your Google Account Has Been Locked”:
On first glance it seems legit: It has my email address embedded in the email, it’s from “Support Team Security” and it doesn’t have any suspicious links to click on, right? But look closer. Look at that return email address, for example. Would Google send an email notification from “support@reply-us.zke.com”? These email messages, typically originating from China, Africa or Eastern Europe, just about always have grammatical hiccups too. “So if you think this is was a mistake.reply us by this email asap.” Uh, what? You can be sure that if Google ever sent you an email notification, it’ll be grammatically correct.
But perhaps you aren’t taking the time to analyze the email message because you’re panicking. Legit. (even though how could you get this email if your Google account was indeed disabled and locked?) So what happens if you Reply to the message as it invites?
Turns out that it’s quite interesting because while it may seem it would go right back to that strange support@ email address, in fact, you find this set of destinations:
What the heck? What’s happening here is that one of these email addresses is the account of the person running the scam, and the others are all just noise to confuse the issue. Think of hiding in a crowd: Which is the bad guy? My guess, if I had to pick one, would be that supp0rting.inter@yandex.ru address, but who knows? Yandex is a popular search engine and email service similar to Google but based in Russia (the .ru domain name).
At this point it’s clear you should simply delete the email and bail, right? I mena, there’s 0% chance Google is going to be using anything even vaguely similar to communicate with you about your account.
But perhaps you don’t. Perhaps you choose to respond, as I did to see what would happen:
Apparently I’m not the only person who fell for this as immediately a couple of the email addresses refused the email with this error:
Not every address had that, however, so at least one copy was delivered to an inbox (or spam folder) on Yandex. Disappointingly, at this point I have not yet received a response from the actual scammer. If I do, I’ll come back and add it to this article!
The main point here, however, is to be skeptical and always ask yourself “does this look legit? Would this company or organization communicate in this fashion?” and don’t forget that if you do feel it might be legit, you can always type in the URL for that company and go into your account to see if there are any messages pending. On Google, just click on your tiny profile pic on the top right:
A click on “Manage your Google Account” and you’ll be in the right spot to receive any legit notifications from Google.
Be careful and stay safe out there!
Pro Tip: I’ve been writing about online scams and security for many years. Please check out my online security help tutorials while you’re here on the site. Thanks!