Google is warning its nearly two billion Gmail users to immediately delete a concerning email that tries to look like it comes from Google itself.
The new scam is called a 'no-reply' email attack because victims receive a supposedly official message from [email protected].
Inside the email, recipients will find a notice claiming that Google has been subpoenaed by law enforcement to release everything in the user's account.
The email even contains a link to a Google support page that appears to have all the details about what's happening regarding the legal case against you.
However,公司官员说,这是一个假货,是由希望获得受害者个人信息的在线骗子创建的。
当gmail用户单击链接并批准许可或批准许可时,攻击是触发的,然后查看伪造法律文档。帐户,例如读取电子邮件或访问文件的能力。
在某些情况下,下载假的Google文件将恶意软件传播到受害者的设备中,这是有害软件,可以窃取更多信息,包括密码和银行详细信息。
Google has warned all Gmail users that a new attack looks like a legal email coming from Google but it's actually a scam
According to Nick Johnson, a leading tech developer who has worked for Google and加密货币以太坊,骗子通过利用Google自己的系统来实现这一目标。
特别是,新攻击使用了一种名为Google oauth的工具,该工具使第三方应用程序可以通过用户的permission访问Google访问Google class。 account on it, and register a fake app with Google.
This app sends a notification email that looks real because it comes from Google's system, but it's actually forwarded to victims through a service that hides the scam.
The scam email includes a link to a fake Google Support page, hosted on Google's own sites.google.com, which makes似乎值得信赖。
当gmail用户单击链接时,攻击开始。 The link takes them to a page that looks like a real Google login screen.
After signing in, they land on a fake webpage that mimics Google's official support site and fools them into granting permissions to the scammer's app.
By downloading or approve permissions to view the phony subpoena, the victim unknowingly让骗子访问其帐户,使他们可以阅读电子邮件并访问用户的私人文件。
电子邮件骗局假装受害者的帐户信息已被执行的链接< /prock < class="mol-para-with-font">The information that can be stolen in this phishing attack can vary depending on what the victim clicks or downloads.
In the worst case scenarios, downloading malware into your device can give cybercriminals an open door to steal passwords, access financial records in banking apps, and even hijack the device itself by locking the user out 。 fill =“ none”>
Johnson explained on X that the key mistake users make is trusting the email and clicking the link.
To stay safe, Gmail users should check the email carefully before following any of its instructions.
在电子邮件标题中查看'to'to'to'to'to'to'和'邮寄'字段。如果他们显示奇怪的地址,那是一个骗局。
网络安全公司Kaspersky补充说,这些电子邮件地址通常以'Me'开头。例如,[email protected]。
,而地址显然显然似乎令人怀疑,许多gmail用户会看到的唯一一件事就是在他们的收件箱中'我'我'我知道的人都知道一个人,他们知道了一个人,他们知道了一个人,他们才能遇到
The emails can be spotted by their suspicious sender addresses, which typically start with the word 'me'
The cyber experts are urging anyone with a Google account to never click on a suspicious link inside an email.
Moreover, never download material online unless it's coming from a trusted source on a legitimate website.
If you're unsure, go directly to Google's official website by typing support.google.com into your browser, not clicking a link in an email.
使用良好的防病毒程序也可以帮助捕获这些网络钓鱼电子邮件在造成伤害之前。
Google还在警告其18亿用户检查其安全设置,以检查其安全设置,删除受欢迎的两因素真实途径,然后删除passey secorter and passkeys。 passwordless, phishing-resistant technology that uses cryptographic keys stored on a user's devices and are authenticated using biometrics - like a fingerprint, face scan, or a PIN number.
Tech giants like Microsoft have argued that passkeys are now safer than two-factor authentication, which typically involves sending a one-time code to your phone or email when签名。
澳洲中文论坛热点
- 悉尼部份城铁将封闭一年,华人区受影响!只能乘巴士(组图)
- 据《逐日电讯报》报导,从明年年中开始,因为从Bankstown和Sydenham的城铁将因Metro South West革新名目而
- 联邦政客们具有多少房产?
- 据本月早些时分报导,绿党副首领、参议员Mehreen Faruqi已获准在Port Macquarie联系其房产并建造三栋投资联