Skip to main content

All Irish Gmail users 'at risk' and must follow 4 crucial steps to keep email account safe

All Gmail account holders in Ireland are being warned about a sophisticated scam that mimics legitimate Google emails, putting accounts at risk of online fraud.

Every Gmail user in Ireland is being warned about an alarming new threat that could jeopardise the security of their email accounts. Security experts are raising the alarm over an "extremely sophisticated" tactic that is fooling even tech-savvy users into falling for it.

The attack, which has been dubbed a 'clever replay attack', was first identified by Nick Johnson, a lead developer of Ethereum Name Service, and puts users at risk of online fraud.

It involves cybercriminals sending emails that appear to come directly from Google, making them seem highly legitimate and able to slip past even the most effective spam filters.

In this particular attack, the email looks almost identical to an official communication from Google. It suggests that a legal subpoena has been issued and access to the recipient's Gmail account is required. The email address and domain appear to be genuine, making the scam difficult to spot.

Nick explained: "The first thing to note is that this is a valid, signed email - it really was sent from [email protected]. It passes the DKIM signature check, and Gmail displays it without any warnings."

The only reason tech-savvy Nick spotted something was wrong is that the official site should have been hosted on a platform called accounts.google.com - instead it appeared on sites.google.com. The difference is that anyone with a Google account can create a website on sites.google.com. And that is exactly what the cybercriminals did.

It's definitely not a warning anyone should ignore, as falling for the trick could give scammers full access to accounts and highly personal data, Mirror UK reports.

Google has responded to the scam, confirming that they are working on an update to address the issue and prevent further incidents. A spokesperson told Newsweek: "We're aware of this class of targeted attack from the threat actor, Rockfoils, and have been rolling out protections for the past week."

Despite the company's efforts, it's crucial for all Irish Gmail users to remain vigilant when checking their daily batch of emails and protect their accounts by following some simple yet crucial steps.

Article continues below

Security experts at Malwarebytes have worryingly warned that "all Gmail users are at risk from clever replay attack". They have shared four important steps every Irish Gmail user must take to safeguard their account:

  • Don't follow links in unsolicited emails or on unexpected websites
  • Carefully look at the email headers when you receive an unexpected mail
  • Verify the legitimacy of such emails through another, independent method
  • Don't use your Google account (or Facebook for that matter) to log in at other sites and services. Instead create an account on the service itself.

Subscribe to our newsletter for the latest news from the Irish Mirror direct to your inbox: Sign up here.

Irish Mirror Icon

ENJOYED THIS STORY?

Choose Irish Mirror as a 'Preferred Source' on Google News for quick access to the news you value.

Google Preferred Source Badge


reach logo

At Reach and across our entities we and our partners use information collected through cookies and other identifiers from your device to improve experience on our site, analyse how it is used and to show personalised advertising. You can opt out of the sale or sharing of your data, at any time clicking the "Do Not Sell or Share my Data" button at the bottom of the webpage. Please note that your preferences are browser specific. Use of our website and any of our services represents your acceptance of the use of cookies and consent to the practices described in our Privacy Notice and Terms and Conditions.