- Регистрация
- 17 Февраль 2018
- Сообщения
- 38 917
- Лучшие ответы
- 0
- Реакции
- 0
- Баллы
- 2 093
Offline
A hacker group gained access to Google databases and is now attempting to scam Gmail and Google Cloud users.
Image: BigTunaOnline/Shutterstock.com
If you’re a Gmail user, you need to be particularly careful right now as criminals are currently targeting Gmail accounts. Hackers from a group called ShinyHunters were recently able to gain access to Google’s Salesforce database systems, reports Forbes.
Google has confirmed the attacks and states that general data like customer and company names were leaked, but not passwords. The resulting data leak means that users of Google services—including Gmail and Google Cloud—are now at risk of falling victim to phishing attempts.
How the phishing attacks work
Initial reports of attempted attacks have already been seen on Reddit, which are likely related to the data leak. Users describe how alleged Google employees have contacted them by phone to inform them of a security breach in their accounts.
In these scam attempts, attackers are trying to take over Gmail accounts by triggering alleged “account resets” and then intercepting passwords to subsequently lock out the account holders. Another attack method involves “dangling buckets” (i.e., outdated access addresses) to steal data from or inject malware into Google Cloud.
Both methods are extremely dangerous and currently threaten Gmail and Google Cloud users in particular, around 2.5 billion people worldwide. In theory, companies are of particular interest to hackers, but private individuals can also easily be targeted.
How to protect yourself
To be on the safe side, you should ensure that your account is protected against unauthorized access. Google has provided the following security measures for this purpose:
Above all, you must remain vigilant. Be particularly skeptical if you’re contacted by alleged support staff who can’t confirm their identity. Google employees will never contact you by phone or email to reset a password or make other changes to your accounts.
Further reading: Gmail’s AI summaries can be hijacked by scammers
This article originally appeared on our sister publication PC-WELT and was translated and localized from German.
Author: Laura Pippig, Staff Writer, PC-WELT
Laura is an enthusiastic gamer as well as a movie and TV fan. After studying communication science, she went straight into a job at PCMagazin and Connect Living. Since then, she has been writing about everything to do with PCs and technology topics, and has been a permanent editor at our German sister site PC-WELT since May 2024.
Recent stories by Laura Pippig:
Image: BigTunaOnline/Shutterstock.com
If you’re a Gmail user, you need to be particularly careful right now as criminals are currently targeting Gmail accounts. Hackers from a group called ShinyHunters were recently able to gain access to Google’s Salesforce database systems, reports Forbes.
Google has confirmed the attacks and states that general data like customer and company names were leaked, but not passwords. The resulting data leak means that users of Google services—including Gmail and Google Cloud—are now at risk of falling victim to phishing attempts.
How the phishing attacks work
Initial reports of attempted attacks have already been seen on Reddit, which are likely related to the data leak. Users describe how alleged Google employees have contacted them by phone to inform them of a security breach in their accounts.
In these scam attempts, attackers are trying to take over Gmail accounts by triggering alleged “account resets” and then intercepting passwords to subsequently lock out the account holders. Another attack method involves “dangling buckets” (i.e., outdated access addresses) to steal data from or inject malware into Google Cloud.
Both methods are extremely dangerous and currently threaten Gmail and Google Cloud users in particular, around 2.5 billion people worldwide. In theory, companies are of particular interest to hackers, but private individuals can also easily be targeted.
How to protect yourself
To be on the safe side, you should ensure that your account is protected against unauthorized access. Google has provided the following security measures for this purpose:
- Use Google’s Security Checkup to automatically identify security vulnerabilities and get account security recommendations.
- Activate Google’s Advanced Protection Program to get an additional security barrier that blocks the download of potentially harmful files and restricts non-Google apps from accessing Gmail data.
- Use passkeys instead of passwords to stay better protected against hacking attacks and phishing attempts.
Above all, you must remain vigilant. Be particularly skeptical if you’re contacted by alleged support staff who can’t confirm their identity. Google employees will never contact you by phone or email to reset a password or make other changes to your accounts.
Further reading: Gmail’s AI summaries can be hijacked by scammers
This article originally appeared on our sister publication PC-WELT and was translated and localized from German.
Author: Laura Pippig, Staff Writer, PC-WELT
Laura is an enthusiastic gamer as well as a movie and TV fan. After studying communication science, she went straight into a job at PCMagazin and Connect Living. Since then, she has been writing about everything to do with PCs and technology topics, and has been a permanent editor at our German sister site PC-WELT since May 2024.
Recent stories by Laura Pippig:
