{"id":44896,"date":"2025-04-23T21:43:08","date_gmt":"2025-04-23T21:43:08","guid":{"rendered":"https:\/\/www.europesays.com\/uk\/44896\/"},"modified":"2025-04-23T21:43:08","modified_gmt":"2025-04-23T21:43:08","slug":"google-confirms-gmail-update-how-to-keep-your-email-account","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/uk\/44896\/","title":{"rendered":"Google Confirms Gmail Update\u2014How To Keep Your Email Account"},"content":{"rendered":"<p class=\"color-body light-text\" role=\"button\">This is the warning that really matters.<\/p>\n<p>dpa\/picture alliance via Getty Images<\/p>\n<p>Update: Republished on April 23 with a new threat to Microsoft accounts as well.<\/p>\n<p>Google has confirmed a new Gmail update but with a warning for 3 billion users. Take heed. Because this is how you keep your email account. If you fail to follow this advice, you could find yourself losing access to your account and all your content.<\/p>\n<p>Google is rightly frustrated. <a class=\"color-link\" href=\"https:\/\/x.com\/nicksdjohnson\/status\/1912439023982834120?s=61\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" data-ga-track=\"ExternalLink:https:\/\/x.com\/nicksdjohnson\/status\/1912439023982834120?s=61\" aria-label=\"The latest attack on a Gmail user\">The latest attack on a Gmail user<\/a>, which has somehow become a major threat despite it happening to a small number of users, is distracting attention from its much more important warning. 
The danger is that the advice is drowned out by the noise as countless articles delve into how a fake email was sent in such a way that <a class=\"color-link\" href=\"https:\/\/x.com\/nicksdjohnson\/status\/1912439027224944676?s=61\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" data-ga-track=\"ExternalLink:https:\/\/x.com\/nicksdjohnson\/status\/1912439027224944676?s=61\" aria-label=\"it appeared to come from Google\">it appeared to come from Google<\/a> itself.<\/p>\n<p>The optics of millions of users checking their autosent Google emails is painful. So first the basics. No, you are not about to receive a flood of fake emails from no-reply@google.com or any other authenticated Google email address. Such attacks are targeted and very rare. That\u2019s why they generate so many headlines in the first place.<\/p>\n<p><a class=\"color-link\" href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2025\/02\/11\/googles-gmail-upgrade-why-you-need-a-new-app\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/zakdoffman\/2025\/02\/11\/googles-gmail-upgrade-why-you-need-a-new-app\/\" target=\"_self\" aria-label=\"You will receive a flood of malicious phishing emails though\" rel=\"noopener\">You will receive a flood of malicious phishing emails though<\/a>, despite Google\u2019s assurance that its defenses now filter out 99% of these. 
And you do need to change your account settings to ensure you add a passkey and that you don\u2019t rely on SMS two-factor authentication. This is being phased out, but you should move faster and change today.<\/p>\n<p>More importantly, these sophisticated attacks on Gmail users that pretend to be from Google all rely on two false premises: that Google\u2019s support staff may reach out to you by email, phone or message; and if you ever do receive an email or message relating to an account issue, that Google may \u201cask for any of your account credentials \u2014 including your password, one-time passwords [or] confirm push notifications.\u201d The same is true of the company sending links to pages where you enter your credentials \u2014 it will not.<\/p>\n<p>Last time there was this furor over a similar attack, Google asked me to \u201creiterate to your readers that Google will not call you to reset your password or troubleshoot account issues.\u201d And it has reissued that warning in the wake of this latest attack. 
But the danger is that this simple advice is drowned out by the technicalities of OAuth and DKIM (DomainKeys Identified Mail) checks to authenticate senders, including Google itself.<\/p>\n<p>None of this takes anything away from the awkward optics of this latest attack or Google\u2019s exposed vulnerabilities \u2014 albeit these have been patched just as others were patched in January, when a <a class=\"color-link\" href=\"https:\/\/www.theregister.com\/2025\/01\/27\/google_confirms_action_taken_to\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" data-ga-track=\"ExternalLink:https:\/\/www.theregister.com\/2025\/01\/27\/google_confirms_action_taken_to\/\" aria-label=\"similarly sophisticated hack\">similarly sophisticated hack<\/a> made headlines. At that time, Google said it was \u201chardening our defenses\u201d to stop a repeat, just as now it\u2019s telling users \u201cwe have rolled out protections to shut down this avenue for abuse.\u201d<\/p>\n<p>Clearly as one door shuts, attackers will find another. And so it\u2019s even more critical that all Gmail users go back to basics. 
<a class=\"color-link\" href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2025\/04\/20\/google-confirms-gmail-update-stop-using-your-password-now\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/zakdoffman\/2025\/04\/20\/google-confirms-gmail-update-stop-using-your-password-now\/\" target=\"_self\" aria-label=\"Set up a passkey and a stronger form of 2FA than SMS\" rel=\"noopener\">Set up a passkey and a stronger form of 2FA than SMS<\/a>, given you still need a password as backup access for your account. And remember, any proactive support contact from Google (or Microsoft or Apple or Samsung or any other big tech company) is a scam. If you have any doubt, hang up the call or ignore the emails and reach out to the company using normal, publicly available channels.<\/p>\n<p>And that advice isn\u2019t specific to your Google and Gmail accounts. A new report from <a class=\"color-link\" href=\"https:\/\/www.volexity.com\/blog\/2025\/04\/22\/phishing-for-codes-russian-threat-actors-target-microsoft-365-oauth-workflows\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" data-ga-track=\"ExternalLink:https:\/\/www.volexity.com\/blog\/2025\/04\/22\/phishing-for-codes-russian-threat-actors-target-microsoft-365-oauth-workflows\/\" aria-label=\"Volexity\">Volexity<\/a> has just warned that \u201crecent attacks use a new technique aimed at abusing legitimate Microsoft OAuth 2.0 Authentication workflows.\u201d<\/p>\n<p>The security firm says it has been tracking the attacks since month, and attributes them to \u201cmultiple Russian threat actors aggressively targeting individuals and organizations with ties to Ukraine and human rights.\u201d The hackers lure victims by impersonating officials from various European nations,&#8221; rather than big tech support desks.<\/p>\n<p>In this instance, an attacker \u201ccontacts the victim via a messaging application (Signal, WhatsApp) and invites them to join a video call to discuss the conflict in Ukraine. Once the victim has responded, the attacker sends an OAuth phishing URL that they claim is required to join the video call. The victim is asked to return the Microsoft-generated OAuth code back to the attacker.&#8221; This is the copy and paste trick. &#8220;If the victim shares the OAuth code, the attacker is then able to generate an access token that ultimately allows access to the victim\u2019s M365 account.\u201d<\/p>\n<p>This is an OAuth phishing lure, leveraging trusted app login workflows, and is yet another illustration as to why you not only need hardware-linked accreditation but also must never share codes or browser URLs in dialog boxes opened via links. Instructions to copy and paste codes or strings of text are dangerous, <a class=\"color-link\" href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2025\/04\/21\/do-not-click-if-you-see-this-on-your-pc-its-an-attack\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/zakdoffman\/2025\/04\/21\/do-not-click-if-you-see-this-on-your-pc-its-an-attack\/\" target=\"_self\" aria-label=\"just as with ClickFix attacks\" rel=\"noopener\">just as with ClickFix attacks<\/a>. If you ever see such an instruction, it\u2019s an attack. It really is that simple. 
Avoid this and you get to keep your Microsoft account as well as your Gmail account.<\/p>\n","protected":false},"excerpt":{"rendered":"This is the warning that really matters. dpa\/picture alliance via Getty Images Update: Republished on April 23 with&hellip;\n","protected":false},"author":2,"featured_media":44897,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[24783,24782,24779,24781,24780,5594,632,24778,633,53,16,15],"class_list":{"0":"post-44896","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-technology","8":"tag-gmail-ai-attack","9":"tag-gmail-ai-hack","10":"tag-gmail-attack","11":"tag-gmail-hack","12":"tag-gmail-update","13":"tag-gmail-upgrade","14":"tag-gmail-warning","15":"tag-google-attack","16":"tag-google-warning","17":"tag-technology","18":"tag-uk","19":"tag-united-kingdom"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@uk\/114389464234445073","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/posts\/44896","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/comments?post=44896"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/posts\/44896\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/media\/44897"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/media?parent=44896"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/categories?post=44
896"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/tags?post=44896"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}