All Irish Gmail users 'at risk' and must follow 4 crucial steps to keep email account safe
All Gmail account holders in Ireland are being warned about a sophisticated scam that mimics legitimate Google emails, putting accounts at risk of online fraud.
Every Gmail user in Ireland is being warned about an alarming new threat that could jeopardise the security of their email accounts. Security experts are raising the alarm over an "extremely sophisticated" tactic that is fooling even tech-savvy users into falling for it.
The attack, which has been dubbed a 'clever replay attack', was first identified by Nick Johnson, a lead developer of Ethereum Name Service, and puts users at risk of online fraud.
It involves cybercriminals sending emails that appear to come directly from Google, making them seem highly legitimate and able to slip past even the most effective spam filters.
In this particular attack, the email looks almost identical to an official communication from Google. It suggests that a legal subpoena has been issued and access to the recipient's Gmail account is required. The email address and domain appear to be genuine, making the scam difficult to spot.
Nick explained: "The first thing to note is that this is a valid, signed email - it really was sent from [email protected]. It passes the DKIM signature check, and Gmail displays it without any warnings."
The only reason tech-savvy Nick spotted something was wrong is that the official site should have been hosted on a platform called accounts.google.com - instead it appeared on sites.google.com. The difference is that anyone with a Google account can create a website on sites.google.com. And that is exactly what the cybercriminals did.
It's definitely not a warning anyone should ignore, as falling for the trick could give scammers full access to accounts and highly personal data, Mirror UK reports.
Google has responded to the scam, confirming that they are working on an update to address the issue and prevent further incidents. A spokesperson told Newsweek: "We're aware of this class of targeted attack from the threat actor, Rockfoils, and have been rolling out protections for the past week."
Despite the company's efforts, it's crucial for all Irish Gmail users to remain vigilant when checking their daily batch of emails and protect their accounts by following some simple yet crucial steps.
Security experts at Malwarebytes have worryingly warned that "all Gmail users are at risk from clever replay attack". They have shared four important steps every Irish Gmail user must take to safeguard their account:
- Don't follow links in unsolicited emails or on unexpected websites
- Carefully look at the email headers when you receive an unexpected mail
- Verify the legitimacy of such emails through another, independent method
- Don't use your Google account (or Facebook for that matter) to log in at other sites and services. Instead create an account on the service itself.
Subscribe to our newsletter for the latest news from the Irish Mirror direct to your inbox: Sign up here.
