There is a new concerning online threat that Gmail users should be aware of to protect their accounts. Hackers are continuously developing tactics to target consumers, and falling for their latest scheme could result in giving hackers full access to email and other personal accounts.
Recently, cybersecurity experts at Malwarebytes identified a dangerous scam specifically aimed at Gmail users, which has led to some individuals being deceived.
The fraudulent activity begins with a deceptive message purportedly from Google’s Support service, claiming that an account breach was attempted and prompting a password reset. To add credibility, the scam may also involve a subsequent phone call to the user.
The hackers’ objective is to acquire the security code sent by Google during a password reset. With this code, they can infiltrate the account and potentially steal sensitive personal information.
Malwarebytes explained, “Victims receive an email or phone call allegedly from Google support warning of an attempted account hack. The recommended action is to reset the password for protection.” Subsequently, victims are sent a separate email for account reset, leading them to enter their login credentials. The email includes a code that victims are asked to provide to verify their identity. While the victim believes the support staff will use the code to reset the system, the hackers exploit this opportunity to hijack the account.
Although the extent of this issue is uncertain, several Google users have reported being targeted in recent times. One individual on Reddit shared their experience of a scammer trying to take over their account during a phone call.
To make the scam seem authentic, the scammer even instructed the victim to verify the caller’s number and call back, which turned out to be a bluff as no human was reachable on that line.
If you receive any communication from Google requesting an account reset, exercise caution as it is likely a scam. Google has also issued a warning, advising users not to disclose any personal information.
Google emphasized, “These communications and associated websites are not affiliated with Google and may falsely claim to offer password reset assistance and other Gmail-related support services. Google does not charge users for recovering account credentials or changing passwords.”
Furthermore, Google clarified that they do not provide phone-based support for Gmail, and any such calls claiming account hijacking or malware issues are not endorsed by Google.
In conclusion, users should remain vigilant against such fraudulent attempts and should refrain from sharing any sensitive information with unauthorized sources.
