GMAIL users have been hit with a ‘red alert’ warning and urged to ‘remain vigilant’ amid a new scam stealing sensitive information.
The long-standing mail platform has more than a billion worldwide users.
Countlessregularly try to catch out the billions of people who use Gmail, but the vast majority of these are caught and blocked by Google’s filters and.
This latest threat would see criminals deceive users while stealing their valuable data.
But how exactly is this scam even pulled off?
The deception begins with a phone call and scammers claiming to be from Google.
From there, the caller attempts to access the would-be victim’s Google account by claiming an account details change needs verification.
The actual objective is securing the two-factor authentication code sent by Google upon the user’s request.
Should the crooks receive this, they will be able to hack the account and lock out the real users.
In a statement to Forbes, Google said: “We’ve hardened our defenses to protect users from this type of abuse and suspended accounts that have misused Google services in these scams.
“But we encourage all users to remain vigilant – please reiterate to your readers that Google will not call you to reset your password or troubleshoot account issues.”;;
Last month, Gmail users over a sophisticated phishing scam.
This new phishing scheme was so advanced that it could, meaning some users could be caught out.
Google said it was working to stop the “extremely sophisticated attack”;; which looked incredibly real and could trick you into giving away.
Developer Nick Johnson said he was targeted by the attack, which consisted of a message which suggested a legal subpoena had been issued for him.
The scam also told users that a copy of their Google account content needs to be produced.
Although this sounds far-fetched, people may have been inclined to trust the email due to coming from a seemingly valid Google account.
He explained in a thread on X: “The first thing to note is that this is a valid, signed email – it really was sent from [email protected].
“It passes the DKIM signature check, and Gmail displays it without any warnings – it even puts it in the same conversation as other, legitimate security alerts.”;;
In a statement toNewsweek, a Google spokesperson said at the time: “We’re aware of this class of targeted attack from the threat actor, Rockfoils, and have been rolling out protections for the past week.
“These protections will soon be fully deployed, which will shut down this avenue for abuse.”;;
