- Popular
- Most Talked-About

Report

Online Threat Alerts (OTA)

An anti-cybercrime community alerting the public to web or internet threats.

Online Threat Alerts (OTA)»

"Someone has your Password" Phishing Emails

Save
Comments: 35
Views: 4,306
Updated: December 7, 2017 2017-12-07T17:57:42
Date: December 7, 2017 2017-12-07T17:55:21

Online users, if you have received email messages like the one below that claim someone has your password, please do not respond to them. This is because the emails are being sent by scammers, and not Google. And, remember to never give your password anyone, especially over the phone or via an email message.

A Fraudulent "Someone has your password" Email

From: g o o g l e <info@orion1148.startdedicated.net>

Subject: Someone has your password

Reply-To: <hi@fzdm.com>, <hi@whisper.sh>, <reply@myfiffy.com>, <hi@transferwise.com>

It is required that you reply within the next 24 hours, We will suspend access to your account if we don't recieve your reply with in the given time frame, We would appreciate your immediate attention to this matter

Online users who have already been tricked by the fraudulent email message are asked to change their passwords immediately before they are hijacked and used fraudulently.

Note: Some of the names, addresses, email addresses, telephone numbers or other information in samples on this website may have been impersonated or spoofed.

Please share what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Also, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.

If you want to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts (OTA) by paying a service fee. Click here to make payment.

Comments, Questions, Answers, or Reviews

(Total: 35)

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

The comments, reviews or answers below do not necessarily reflect the views of Online Threat Alerts.

February 17, 2019 at 9:59 AM by an anonymous user from San Antonio, Texas, United States
can't "forward" unless open the message...I will not open a suspicious message, so how can I forward it???
remove
- February 17, 2019 at 10:39 AM by info
  Opening a message will not harm your device unless it has a malicious attachment and you attempt to open the attachment.
  remove
August 5, 2018 at 3:22 PM by an anonymous user from Rock Springs, Wyoming, United States
I got one that said I hate you and you know why don't tell me I got the wrong person and it said from Sarah I just blocked it
remove
July 12, 2018 at 8:56 AM by an anonymous user from Pomona, California, United States
Yesterday I received an email that had one of my old passwords in the header! That was interesting. Given the list of places where I used it, it was interesting because I hadn't logged on to any of them in over 4 years. Did someone get an old server from a vendor and crack the user/password list. At this point I don't know but the scammer is very real.
The individual demanded $1900 in 24 hours or they would send video of me watching porn to my contact list. The closest to porn I have watched since college is deadpool, but you can photoshop anything so oh well.
It is sad that we live in a place where we are afraid of our own shadow, that is our online shadow, even if it is fake.
If you get an email like this, forward it to spam@uce.gov, mark as junk and delete it.
Cheers
remove
- September 2, 2019 at 1:35 PM by an anonymous user from Kansas City, Kansas, United States
  I am getting tons, not just a couple or few, from the SAME scammer, giving me the same old password, over and over again, shown as his proof to demand bit coin from me. Here's the thing though, it's my old password from my Equifax account... you know, the same one and only Equifax that announced September in 2017 that they had a data breach (got hacked into).
  They're NOT the only major company to have been data breached (hacked) and either... so what I think is going on is: whoever hacked them is either trying to collect off of the information stolen themselves. .. or they have listed (put out deep Web ads) been selling all the stolen passwords singularly or in lots to scammers to use as bait for their scams.
  remove
- July 20, 2018 at 9:13 PM by an anonymous user from Wellington, New Zealand
  I got the same one today from Annemarie Cherniack <ipxphillisgq@outlook.com> demanding $8000 in BTC or would release p**n to my contacts. The password was an old one that I found was still in use one some irregular shopping websites I had used.
  remove
  - August 18, 2018 at 4:13 PM by an anonymous user from Chicago, Illinois, United States
    Guess they are lowering their extortion rates, mine only wanted $1000 BTC. Anyone living in their basement or contracted govt surveillance should consider the wunderbar KARMA created for themselves by making extortion demands.. not to mention the illegal spying/stealing/deception to name a just a few other activities.
    remove
- July 18, 2018 at 12:02 PM by an anonymous user from Austin, Texas, United States
  Can you please give more detail about this email? I received one today and this is the only thing I've found online that sounds similar. Thanks.
  remove
May 29, 2018 at 3:39 PM by an anonymous user from Reston, Virginia, United States
i'm getting like 20 emails from Sam, Sarah and random names I can't pronounce
remove
May 28, 2018 at 8:13 AM by an anonymous user from Sicklerville, New Jersey, United States
I receive about 10 spam emails a day, usually from “Jasmine” or “Sarah” saying, “Hey YOU, please stop sending me your pictures. :) Thanks,” or “All I need is a yes or no.”
They are non-stop and I get really confused when I see them. I also get “Security Alert” saying that my account sends out suspicious emails and my access to the account will be suspended if I don’t respond within 24 hours.
I always think of responding to the ridiculous emails, just to mess around with them, but I don’t want to receive more than I do.
remove
- June 3, 2018 at 9:23 PM by an anonymous user from Appleton, Wisconsin, United States
  Receiving these same identical harrassing emails for MANY YEARS - some with password warning/alert, some from Jessica , Sarah or similiar very common English name. They also often claim to be a local person/neighbor or friend from the past.
  **** EMAILS ALMOST ALWAYS WANT A REPLY TO ITLGOPK.COM***
  and other various repetitive addresses.
  IMHO- obvious-phishing/ransom by deceptive devious blackhats!
  remove
  - June 4, 2018 at 9:40 AM by an anonymous user from Appleton, Wisconsin, United States
    Received this:
    "**Correction-Address in SPAM reply request is always --ITLGOPK.UK"
    remove
    - August 5, 2018 at 6:39 PM by an anonymous user from Rock Springs, Wyoming, United States
      this one was the email I got. Sarah <cfq93@ec2-52-88-141-0.us-west-2.compute.amazonaws.com>
      remove
May 14, 2018 at 7:18 AM by an anonymous user from Adelaide, South Australia, Australia
Receiving fake google emails, 3 a day. I'll never respond but I would like to find these scammers
remove
May 8, 2018 at 4:39 AM by an anonymous user from London, England, United Kingdom
Here is another scam:
"Security Alert <jp9vw1187nd2@kau5jjevtc.edu.se> via 759339
--------------- .us-west-2.compute.amazonaws.com
reply-to: contact@extremelogg.science,
mail@pacificland.online,
contact@watersrise.net,
contact@thanenough.net,
contact@allsportmania.club
to: A4Z2T25DMH53IU0IBJMM8@itlgopk.uk
date: 8 May 2018 at 07:21
subject: , Someone Has Your Password
mailed-by: 759339--------------- .us-west-2.compute.amazonaws.com
security: ec2-54-201-137-231.us-west-2.compute.amazonaws.com did not encrypt this message Learn more
The details showing in the header..."
remove
- June 3, 2018 at 9:21 PM by an anonymous user from Appleton, Wisconsin, United States
  Receiving these same identical harrassing emails for MANY YEARS - some with password warning/alert, some from Jessica , Sarah or similiar very common English name.
  They also often claim to be a local person/neighbor or friend from the past.
  **** EMAILS ALMOST ALWAYS WANT A REPLY TO ITLGOPK.COM***
  and other various repetitive addresses.
  IMHO- obvious-phishing/ransom by deceptive devious blackhats!
  remove
  - June 4, 2018 at 9:45 AM by an anonymous user from Appleton, Wisconsin, United States
    "**Correction-Address in SPAM reply request is always- ITLGOPK.UK"
    Could possibly be an identifier in illegal polce state surveillance by- 5 Eyes aggreement.
    remove
May 8, 2018 at 4:34 AM by an anonymous user from London, England, United Kingdom
Here is another scam:
"Google®
HI ,
Your Email Account has sent out spam emails to a list addresses that you don’t recongnize,!!!
You're getting this Email to make sure it was not you.
It's required that you reply within the next 24 hours, We will suspend access to your account
If we don't recieve your reply within the given time frame,
We would appreciate your immediate attention to this matter"
remove
April 29, 2018 at 9:33 AM by info
Here is another scam:
---------- Forwarded message ----------
From: "Security Alert" <n1gBJJ101iDj13mV80@xk2qp31v6de2ep1tipw.edu.se>
Date: Apr 27, 2018 3:22 PM
Subject: Someone Has Your Password
Google®
Hi,
Your Email Account has sent out spam emails to a list addresses that you don’t recongnize,!!!
You're getting this Email to make sure it was not you.
It's required that you reply within the next 24 hours,
We will suspend access to your account
If we don't recieve your reply within the given time frame,
We would appreciate your immediate attention to this matter
remove
April 23, 2018 at 1:38 PM by info
Here is another scam:
"From: Your account <team-G@your.account.com>
Date: To: ieikleber@gmail.com
Subject: Someone has your password
Google
Someone Has your Password
Hi,
Your Google Account was just signed in to from a new Windows device.
You're getting this email to make sure it was you.
It's required that you reply within the next 24 hours,
We will suspend access to your account
If we don't recieve your reply within the given time frame,
We would appreciate your immediate attention to this matter
Just hit relpy to this email and let us know.
You've received this email to update you about important changes to your account and the Google services you use."
remove
January 9, 2018 at 8:34 AM by info
Here is another scam:
"From: Account Security Google <bnnfrwlryueogrrjnblhmvjsvwmegimvvzoakngihlkcqcl@amozonsas.com>
Date: January 8, 2018 at 10:25:50 AM EST
Subject: Someone has your password
This message is from a trusted sender.
It is required that you reply within the next 24 hours,
We will suspend access to your account if we don't recieve your reply within the given time frame,
We would appreciate your immediate attention to this matter"
remove
January 8, 2018 at 3:01 AM by an anonymous user from Lisbon, Portugal
I just received an email from that orion1148 with the name Pablo saying this:
"Hey, Do you want me to wire you the money I owe you this week or the next one?
Answer me ASAP Goodbye,"
remove
January 5, 2018 at 3:16 PM by an anonymous user from New York, United States
I have gotten several emails from the listed orion1148 with the diplay name changing: Jasmine ("plz stop sending me your photos"), Tiffny ("STOP. I don't want your pics"), and various other sundry attempts to get my attention. The interesting thing is there is not an embedded link, so the phish must for me to reply and then it goes from there. Glad they get filtered to Junk Mail. Yes, take care out there and always look at the underlying email address behind the name.
remove
January 4, 2018 at 2:19 PM by an anonymous user from Albuquerque, New Mexico, United States
Some of these come, purportedly, from Google; others, from various forums. The common theme has been the startdedicated.net source. The individual server name (orion1148 here) changes periodically, presumably to bypass simpler spam filtering.
remove
January 1, 2018 at 11:05 PM by an anonymous user from Los Angeles, California, United States
Here is another scam:
Sender:
info@orion1148.startdedicated.net
"It is required that you reply within the next 24 hours, We will suspend access to your account if we don't recieve your reply within the given time frame, We would appreciate your immediate attention to this matter."
remove
December 19, 2017 at 10:18 PM by an anonymous user from Gillette, Wyoming, United States
Hello, I'm Sue Ann from Pleasant Grove, Utah. I have seen emails from this "Orion" in my SPAM box and the email says it's from Google, but I knew right away it was a lie and was the job of these scammers. I'm glad I didn't respond. It's a shame that these people have nothing else better to do with their time than send out emails like this. I hope most of the public will be aware that these emails are not from Google and the scammers are just trying to get your information. Thank you, Sue.
remove
December 16, 2017 at 10:51 AM by an anonymous user from Piqua, Ohio, United States
this email has shown up in my spam folder 2 times in the last 2 days from info@orion. I deleted it immediately! My gut knew this was a fraud. I checked my recent google activity immediately and all was well! BE CAREFUL OUT THERE!
remove
- May 14, 2018 at 7:38 AM by an anonymous user from Adelaide, South Australia, Australia
  I was getting fake google change my password emails and have received the jazman stop sending photos email . didn't know these were connected. Wish there was a way of using these emails agenst them
  remove
December 14, 2017 at 12:50 PM by info
Here is another scam:
---------- Forwarded message ----------
From: google <info@orion1148.startdedicated.net>
Date: Wed, Dec 31, 1969 at 6:00 PM
Subject: Someone has your password
It is required that you reply within the next 24 hours, We will suspend access to your account if we don't recieve your reply within the given time frame, We would appreciate your immediate attention to this matter
remove
December 12, 2017 at 8:03 AM by info
Here is another scam:
---------- Forwarded message ----------
From: "Account Security Google" <79228948zkdoszwr@sightheglp.net>
Date: Dec 11, 2017 9:12 PM
Subject: Someone has your password
It is required that you reply within the next 24 hours,
We will suspend access to your account if we don't recieve your reply within the given time frame,
We would appreciate your immediate attention to this matter
remove
- December 13, 2017 at 4:54 PM by an anonymous user from Essex, Maryland, United States
  Thanks for posting this warning. I received this message myself 5 minutes ago and was able to determine it is a scam thanks to this message. I did not and will not respond to it.
  remove
- December 12, 2017 at 12:34 PM by rashidkhan from Faisalabad, Punjab, Pakistan
  Is my account safe?
  remove
  - December 12, 2017 at 1:36 PM by info
    Yes, because the email is a fake.
    remove
December 9, 2017 at 12:39 PM by rashidkhan from Faisalabad, Punjab, Pakistan
Thank you for this info
remove
December 8, 2017 at 3:22 PM by an anonymous user from Norwalk, California, United States
I received this in my mail; it really caught me off guard. I get something like this and I am not sure who to trust or what to do. As it stands I will take the advice offered by google and do nothing. What's the worse that can happen?
remove

Show More Comments (35)

Show all Comments