Gmail users are being urged to stay alert and follow important new advice.
There’s a fresh security alert for email users, and this time the attacks are hitting Google and Gmail accounts. These popular platforms are among the safest in the world, with users protected not only by advanced spam filtering but also by safer ways to log into accounts via multi-factor authentication.
Although these features keep the majority of people safe, now is not a good time to become complacent.
It’s been confirmed that Russian hackers recently found a way around one of Google’s security measures, not by breaking it but by tricking victims into using a legitimate feature that sidesteps it. That’s left some accounts open to attack.
This latest danger was spotted by security researchers at Google Threat Intelligence Group, and targeted attacks have already taken place, which is why this warning is worth taking seriously.
So, how does this threat work, and should you be worried?
As most people are aware, Google accounts can be locked down tightly, with users able to require more than just a password to access services such as Gmail.
Chief among these protections is the all-important two-factor authentication (Google calls it 2-Step Verification). When it’s switched on, signing in from a new device triggers a prompt or code on a second device, and without completing that step a password alone isn’t enough.
However, it seems Russian cyber crooks have found a way to exploit the exception Google makes for older phones and other devices that are unable to handle this extra verification step.
Google offers another sign-in method called app passwords: special 16-character codes that let those less modern devices and apps into the account without the second step.
Unfortunately, because an app password skips the second verification step, anyone who holds one gets the same access as the account owner. Hackers therefore don’t need to defeat two-factor at all; they only need to trick you into creating one and handing it over, which is far easier than stealing a one-time code.
According to experts at Malwarebytes, the crooks used this method to target prominent academics and critics of Russia.
“The attackers initially made contact by posing as a State Department representative, inviting the target to a consultation in the setting of a private online conversation,” Malwarebytes explained.
“While the target believes they are creating and sharing an app password to access a State Department platform in a secure way, they are actually giving the attacker full access to their Google account.”
Although this was a highly targeted attack, that doesn’t mean the general public won’t be next, as hackers are always looking for new ways to steal personal data.
“Now that this bypass is known, we can expect more social engineering attacks leveraging app-specific passwords in the future,” Malwarebytes warned.
If you are concerned by this new attack, security experts at Malwarebytes have issued advice on how to stay safe.
Here are 6 new rules everyone should follow.
• Only use app passwords when absolutely necessary. If you have the opportunity to change to apps and devices that support more secure sign-in methods, make that switch.
• The advice to enable MFA still stands strong, but not all MFA is created equal. Authenticator apps (like Google Authenticator) or hardware security keys (FIDO2/WebAuthn) are more resistant to attacks than SMS-based codes, let alone app passwords.
• Regularly educate yourself and others about recognizing phishing attempts. Attackers often bypass MFA by tricking users into revealing credentials or app passwords through phishing.
• Regularly update your operating system and the apps you use to patch vulnerabilities that attackers might exploit. Enable automatic updates whenever possible so you don’t have to remember yourself.
• Keep an eye on unusual login attempts or suspicious behavior, such as logins from unfamiliar locations or devices. And limit those logins where possible.
• Use security software that can block malicious domains and recognize scams.
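The attack works because an app password grants full access without the second step, and two of the rules above (only keep app passwords you genuinely need, and watch for logins you don’t recognise) both come down to knowing which app passwords exist on an account and when they appeared. The script below is an added example written for this article, not code from Google or Malwarebytes. It takes the list of app passwords that the Google Workspace Directory API returns for a user (the asps.list call, whose records carry a codeId, a name, and creation and last-used times in milliseconds), flags any that were created recently or have never been used, and shows the matching asps.delete call for revoking one. The `service` object, the admin credentials behind it, and the sample records (including the "State Dept" name echoing the lure) are assumptions constructed for illustration; the triage logic runs offline on that sample.

```python
"""Audit Google app passwords (ASPs) on a Workspace account and flag risky ones.

Added example for this article, not code from Google or Malwarebytes.
The triage is pure standard-library Python and runs offline on the constructed
sample below. The two *_live helpers are assumptions about deployment: they
expect a googleapiclient Directory API client built for a Workspace admin
with the admin.directory.user.security scope, and are not run offline.
"""
from __future__ import annotations

import datetime as dt
from typing import Iterable

RECENT_DAYS = 14  # an ASP minted inside this window deserves a second look
UTC = dt.timezone.utc


def _ms_to_utc(ms: str | int | None) -> dt.datetime | None:
    """The API reports times as int64 milliseconds in strings; 0 or absent means never."""
    if ms is None or int(ms) == 0:
        return None
    return dt.datetime.fromtimestamp(int(ms) / 1000, tz=UTC)


def _utc_to_ms(when: dt.datetime) -> str:
    """Inverse of _ms_to_utc, used only to build the sample records."""
    return str(int(when.timestamp() * 1000))


def triage_asps(user: str, asps: Iterable[dict], now: dt.datetime,
                recent_days: int = RECENT_DAYS) -> list[dict]:
    """Return one finding per app password with a 'suspicious' flag and reasons.

    Two signals, each a plain string so it can go straight into a ticket:
    - created within `recent_days`: a freshly minted ASP is exactly the artefact
      the lure in the article asks the victim to create and share;
    - never used: no mail client has ever signed in with it, so either it was
      created only to be handed over, or it is dead weight to revoke anyway.
    """
    findings = []
    for asp in asps:
        created = _ms_to_utc(asp.get("creationTime"))
        last_used = _ms_to_utc(asp.get("lastTimeUsed"))
        reasons = []
        if created is not None and (now - created).days < recent_days:
            reasons.append(f"created {(now - created).days}d ago")
        if last_used is None:
            reasons.append("never used")
        findings.append({
            "user": user,
            "codeId": asp.get("codeId"),
            "name": asp.get("name", ""),
            "created": created,
            "lastUsed": last_used,
            "suspicious": bool(reasons),
            "reasons": reasons,
        })
    return findings


def suspicious_code_ids(findings: list[dict]) -> list[int]:
    """The codeIds an admin should review and, in most cases, revoke."""
    return sorted(f["codeId"] for f in findings if f["suspicious"])


# --- Assumed deployment helpers (Directory API; not exercised offline) -------

def list_asps_live(service, user: str) -> list[dict]:
    """`service` is assumed to be build('admin', 'directory_v1', credentials=...)."""
    return service.asps().list(userKey=user).execute().get("items", [])


def revoke_asp_live(service, user: str, code_id: int) -> None:
    """Deleting the ASP immediately locks out anyone who was handed the code."""
    service.asps().delete(userKey=user, codeId=code_id).execute()


# --- Constructed sample: shape of asps().list() output for one user ----------
NOW = dt.datetime(2025, 6, 20, tzinfo=UTC)
SAMPLE_ASPS = [
    {   # long-standing and in regular use: the legitimate legacy-device case
        "codeId": 101, "name": "Office printer scan-to-mail",
        "creationTime": _utc_to_ms(dt.datetime(2023, 1, 5, tzinfo=UTC)),
        "lastTimeUsed": _utc_to_ms(dt.datetime(2025, 6, 19, tzinfo=UTC)),
    },
    {   # created three days ago, never used by any client: matches the lure
        "codeId": 202, "name": "State Dept secure portal",
        "creationTime": _utc_to_ms(dt.datetime(2025, 6, 17, tzinfo=UTC)),
        "lastTimeUsed": "0",
    },
    {   # years old and never used: harmless-looking but pure attack surface
        "codeId": 303, "name": "Old phone mail app",
        "creationTime": _utc_to_ms(dt.datetime(2021, 3, 2, tzinfo=UTC)),
    },
]

if __name__ == "__main__":
    for f in triage_asps("victim@example.edu", SAMPLE_ASPS, NOW):
        flag = "REVIEW" if f["suspicious"] else "ok    "
        print(f"{flag} {f['codeId']:>4} {f['name']!r:32} {', '.join(f['reasons'])}")
```

Run it as-is and the printer’s app password passes while the freshly created "State Dept" code and the long-forgotten phone code are both marked for review. The Directory API route only exists for Google Workspace accounts that an administrator manages; a personal Gmail user gets the same inventory by opening the App passwords page under the Google Account security settings, where every existing code can be reviewed and removed in one click.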