Email systems often fall into the “set and forget” category for many small businesses. Once they’re working, they tend not to be revisited unless something goes wrong. However, Google has announced a change that makes now a good time to review how your business email is set up.

From sometime in January 2026, Gmail will stop supporting an older email method called POP3, which some businesses still rely on to collect emails from multiple accounts into one inbox in Gmail.

This change won’t affect everyone — but if you use the Gmail website on your computer, it’s worth taking a closer look.

What is POP3, and why does it matter?

POP3 is an older way of retrieving email. It allows Gmail to “pull” messages from another email account (such as an Outlook or hosting-based email address) into your Gmail inbox.

For years, this has been a convenient way for business owners to manage everything in one place, especially if you like Gmail’s interface. However, POP3 has limitations and doesn’t meet modern security standards. For that reason, Google has confirmed it will be retired in early 2026.

Once this happens, you will not be able to retrieve any new emails in the desktop version of Gmail. Any emails already received will remain, but new messages will stop appearing unless your setup is updated.

What is not changing?

The good news is that many modern email setups will not be affected.

If your business uses:

• Other email clients (software) such as Outlook, Thunderbird or Apple Mail
• Native Google Workspace email accounts being accessed via the Gmail website
• The Gmail app if it receives your emails using IMAP

then no action is required.

IMAP is more secure, keeps emails synchronised across devices, and is the recommended approach going forward.

What should businesses do now?

A lot of the considerations about this change comes down to whether you like to use Gmail on your computer or laptop as the way you access your emails.

1. I want to continue to use Gmail on my computer

If Gmail is currently pulling emails from other accounts automatically, it may be using POP3. This is especially common in older or customised setups.

In this case you will need to move your emails to Google Workspace. This is a paid service from Google. There are transfer tools available to help with moving your emails into Google Workspace.

It can be a relatively complicated process as it also includes updates to your domain name, so you may need some help with that.

2. I am happy to move to another email program.

Once you choose your email program to use, (some common ones include Outlook, Thunderbird, BlueMail, Apple Mail), then you will need to load your emails into the new program. It is better to add it using IMAP rather than POP to future proof your email set up. You may want to talk to an IT person to help with this process as just adding the email to your new email program may not bring across all of your existing emails.

Some other things to think about

1. Move to IMAP where possible

IMAP provides better reliability and security and works across desktops, laptops, and mobile devices. Most email providers support it by default.

2. Use email forwarding if a single inbox is required

If you prefer everything to land in one Gmail inbox, email forwarding is a reliable alternative. Messages are sent directly from one mailbox to another, without relying on outdated protocols.

3. Take the opportunity to simplify

This change is also a chance to clean up old addresses, unused inboxes, and confusing workflows — improving efficiency and reducing the risk of missed emails.

Why Google is making this change

Google has not published extensive technical detail, but the reasoning is widely understood to be security-driven. POP3 is an older protocol that lacks the protections and flexibility of modern email standards.

By retiring the POP3 option helps reduce risk and aligns Gmail with current best practices for business communication.

The bottom line for New Zealand businesses

This is not a reason to panic — but it is a reminder that technology changes, even when things appear to be working fine.

If your email setup hasn’t been reviewed in several years, taking action now can prevent disruption later and ensure your business email remains secure, reliable, and future-proof.

If you’re unsure where to start, a quick review can often identify whether changes are needed and what the best next step is.

The post Gmail Email Changes Coming in 2026: What Small Businesses Need to Know first appeared on SAJE.

Our first one is a phishing scam trying to get email login details so they can then use your account to either access and control your account, or to use the email address to send out spam. Most use fear as their overriding emotion, putting errors and the threat of account deletion as a way of compelling people to click their links

The Email:

Dear webmaster@deepweb.co.nz

Some Incoming Messages were Undelivered to Inbox

You have some important email messages that were undelivered to your inbox since 10th  May. 2021.

This is due to a IMAP and POP settings error on your e-mail, webmaster@deepweb.co.nz incoming messages were delayed.

Log on to deepweb.co.nz Portal to recover your delay messages.

[ Proceed Here to Fix Errors ]

Find some of the errors being detected by the mail server for  deepweb.co.nz listed below:

• Underlivered to inbox
• Undelivered to inbox
• Underlivered to inbox
• Pending delivery

Copyrights© 2021
Help & Contact – Fees – Security – Features 

This message link is secured and encrypted by Avast.
www.avast.com

The Analysis:

The scammer uses a mix of valid links pointing to both the targets domain name (footer links plus portal link) and a single link (the Proceed Here to Fix Errors] to the scammer login page where they would scrape the entered login details

They even use a fake footer to refer to Avast antivirus to give the impression that the email has been scanned and verified as safe to open and click links.

With all of these kind of emails be very wary of anything threatening to shut down services or disable access. If you are unsure contact the provider directly to verify the information.

The post Another Spam Email Example first appeared on SAJE.

We get lots of calls from clients who have received emails from people claiming to be SEO experts. These emails state that the clients website is riddled with errors and that they can help correct these problems and improve search rankings

Here is a copy of one such email I received

Hi,

My name is Anil kumar, and I am Online Marketing Manager at a leading Digital marketing company/SEO and Web Designing Company.

I was analyzing your site and it seems that some of your website rankings have dropped. It is due to non optimized techniques/errors

And Google guidelines not being followed properly. As you know that Google’s crawler is software and work on coding basis only.

That’s why site coding portion should be strong for better results.

I would like to present a detailed analysis of your website along with errors that your website and ways to improve your Google rankings.

It would be a detailed report and would be explained as well on phone once we send this over to you.

Please let me know if we can discuss this.

Thanks,
Anil kumar
Online Marketing Manager

Now, improving your rankings is important. It is something that you should be looking at. However, these emails are problematic for a number of reasons

1. Despite stating they have analyzed the website, I expect that in 99% of cases this is not true.
2. These are untargeted spam emails.
3. Their skill level is unknown, with no website for reference and only using a gmail address for email.
4. In some cases the lack of skill in writing emails in English may cause concern if your website is in English.

All in all, you are better to talk with your current web designer about SEO and how they can help you. They know your website, know what has been done in the past and are in the best position to either help you out or give advice on how you could get exert help for this.

Don\’t fall prey to the SEO scammers

The post Those SEO Emails you get first appeared on SAJE.

Supposedly from TrustWave, it tells of a failed vulnerability scan on my network and to view the results online.

Visiting this site potentially loads Malware, or tries phishing techniques to get access to your systems.

One interesting aspect of this is it predicts IP ranges that will attempt to access your network, which makes me lean toward a malware attack.

This is an automated email message to prevent you that the scheduled TrustKeeper vulnerability scan of YOUR NETWORK SYSTEMS has completed and is not compliant.

IMPORTANT: During the scan, TrustKeeper Discovered several Unsecure systems. Trustwave strongly recommends you review these findings as your overall PCI DSS compliance status may be affected.

TrustKeeper generated a vulnerability scan report. You may view these results by accessing TrustKeeper at:

https://login.trustwave.com
User Name:webmaster@deepweb.co.nz

You will receive an e-mail confirmation when the scan completes and your results are available. Please note that this can take up to three days.

Note: If you monitor your network for activity, note that the TrustKeeper scan may originate from IP addresses in these ranges:

200.16.208.0/24
61.37.230.0/24

TrustKeeper is a certified remote assessment and compliance solution created by Trustwave and designed to help merchants meet the PCI DSS and achieve compliance with the associated programs of VisaŽ, MasterCardŽ, American ExpressŽ, DiscoverŽ, and other credit card associations. The TrustKeeper solution is an integrated easy-to-use tool that removes the challenge of navigating the complex PCI DSS requirements and provides a \”one stop shop\” for merchants to certify compliance.

DO NOT REPLY TO THIS MESSAGE VIA EMAIL.

This mail is sent by an automated message system and the reply will not be received. Thank you for using TrustKeeper.
This email was sent to: webmaster@deepweb.co.nz
This email was sent by: Trustwave
80 West Madison Street, Suite 1080, Chicago, IL, 60408, USA

We respect your right to privacy – view our policy

So a new attack method, using fear to cause people to click the link and open themselves up for the real attack.

The post Trustwave Vulnerability Scan Scam first appeared on SAJE.

Is is purportedly from ADP, a payroll system, but includes links to obviously hacked sites for phishing

They are looking for ADP logins, to then access personal information of companies employees.

Here are the two emails

Subject: ADP Generated Message: First Notice – Digital Certificate Expiration

This e-mail has been sent from an automated system. PLEASE DO NOT REPLY. If you have any questions, please contact your administrator for assistance.

———————————————————————
Digital Certificate About to Expire
———————————————————————
The digital certificate you use to access ADP\’s Internet services is about to expire. If you do not renew your certificate by the expiration date below, you will not be able to access ADP\’s Internet services.

Days left before expiration: 2
Expiration date: Jul 11 23:59:59 GMT-03:59 2012

——————————————————————–
Renewing Your Digital Certificate
———————————————————————
1. Go to this URL: https://netsecure.adp.com/pages/cert/register2.jsp

2. Follow the instructions on the screen.

3. Also you can download new digital certificate at https://netsecure.adp.com/pages/cert/pickUpCert.faces.

———————————————————————
Deleting Your Old Digital Certificate
———————————————————————
After you renew your digital certificate, be sure to delete the old certificate. Follow the instructions at the end of the renewal process.

and…

Subject: ADP Security Management Update

ADP Security Management Update

Reference ID: 68760

Dear ADP Client July 2012

This message is to inform you of the upcoming ?Phase 2? enhancement to ADP Security Management (formally ADP Netsecure). This is where you manage your users? access to ADP?s Internet services, and includes the self-service registration process.

Effective July 25^th, ADP Security Management will reflect a new user interface. This will include tasks such as Account Maintenance, User Maintenance, and Company Maintenance within Security Management.

Please review the following information:

? Click {link} to view more details of the enhancements in Phase 2

? Complete the What?s New in Security Management Service {link} (Expected to take about 15 minutes)

? View the Supported Browsers and Operating Systems, listed. {link} These are updated to reflect more current versions to ensure proper presentation of the updated user interface. It is important to note that the new ADP Security Management is best accessed using Microsoft Internet Explorer Version 8 or Mozilla Firefox Version 3.6, at minimum.

This email was sent to active users in your company that access ADP Netsecure with a security role of ?security master? or ?security admin?. You may have other users that also access ADP Netsecure with other security roles. Please inform those users of these enhancements, noting that the above resources will have some functionality that does not apply to their role.

As always, thank you for choosing ADP as your business partner! If you have any questions, please contact your ADP Technical Support organization.

It is important to look at the status bar at the bottom of your email client, as this will display the underlying link that you would be taken to if you click it. If it looks anyway suspicions, do not click the link

The post New Scam email from ADP Netsecure first appeared on SAJE.

Please, please please do not click on those \”OMG see what someone is writing about you\” kind of tweets. Or you will be hacked and your account will be used to send horrible stuff to all of your friends.

Yours sincerely,

The Twitterverse (The good ones anyway)

PS: If you got here by clicking on the link in a tweet, retweet it, so we can warn more people 🙂

The post Twitter DM Spam / Virus / Phishing first appeared on SAJE.

Here is the email

From: ir3refundfiles@ird.govt.nz

Subject Due to our latest update you are eligible for a refund

Dear Sir/Madam,

You are receiving this e-mail with reference to our latest database update on February 5, 2012.

Due to our most up-to-date calculations, Inland Revenue updated his database system to a more accurate structure. As a result, you are eligible to get a refund of 184,56 $NZD.

Please download IR3-e-file_FORM-759784123157 attached to this e-mail, complete the form with your personal information in less than 48 hours and allow up to 24 hours to update the data into our database.

Your records are securely encrypted through a secure 128 bit socket to our servers and will NOT be shared.

Reference number: 76178256192/2012nzr.

E-mail officially sent by Ross Hughson.

Inland Revenue – IR3_e-file refund form . html

As you can see it is \”from\” an IRD email address, ir3refundfiles@ird.govt.nz, to make it look more legitimate. It also give a real sounding name and a refernce number.

What could go wrong?

Well the HTML file that is attached will be the bit that bites. It will either redirect you to a phishing website or gather your data then and there and report it back.

Don\’t open these kinds of things, if in doubt, give them a ring.

The post IRD Refund…Oh Goody first appeared on SAJE.

With this latest email (I received 2 today, even though I am not in the US) they use the threat of a complaint against your company to get you to click on a link in the email.

Here is a copy of the email

RE: Case # 18558568
2011/12/20

Hello,

The Better Business Bureau has been filed the above-referenced complaint from one of your clients on the subject of their dealings with you.
The detailed information about the consumer\’s concern is presented in enclosed document.
Please give attention to this matter and let us know about your opinion.
We encourage you to open the ATTACHED REPORT to reply this complaint.

We look forward to your prompt response.

Sincerely yours,

Louis Gerald

Dispute Counselor
Better Business Bureau

So again, it is a case of being careful when something like this appears in your mailbox. Don\’t panic and click the link to see what the issue is, if in doubt hover over the link and it will tell you in the status bar of your email program the real link that it will take you to.

If it looks in any way suspicious, leave it alone.

The post New Scam – Better Business Bureau first appeared on SAJE.

In this instance it appears to be a phishing scam by trying to trick you to click on an apparent document link that takes to to a webpage.

Other known reports of this (here) talk of zip files being delivered to entice people to run the included .exe file (similar to the UPS scams)

This appears to a bit cleverer as it takes you to a website rather than the hassle of unzipping and running the executable.

The organisation mentioned does not send out these emails and so you can delete with impunity.

Here is the message:

The post Malware/Phishing Attempt About declined Payment first appeared on SAJE.

Anz Bank

We\’d like to inform you that your Secure Messages Center has 1 new message.

Please login to your Online Banking and visit the Secure Message Center section in order to
read the message.

Log On to Online Banking.

(The Message Center contains only important information about your account and online banking.)

Copyright Australia and New Zealand Banking Group Limited ABN 11 005 357 522, 1996-2011.
ANZ\’s colour blue is a trade mark of ANZ.

The log on link goes to http:// nogueirametalurgica . com . br/www . anz . com/index . php

This is a typical ploy where they hide the link to a hacked website. Here they have placed a site that looks the same as the target (This time ANZ) and hope that you do not look at the link that appears in the URL section of your browser.

Whenever you get a dodgy email, you can often just hover over the link in the email, and the email program will show you the link that you will be taken to.

If it is anything like this, then stay away

The post ANZ Bank Phishing Target Again first appeared on SAJE.