Attack Targets All 1.8 Billion Gmail Accounts

Recently, Google confirmed an advanced attack targeting all 1.8 billion of its Gmail users. 

The attack involved an email from accounts.google.com claiming that Google had been issued a subpoena for the user’s account content and that the user must give up account access to comply.

The scam was first identified by cryptocurrency developer Nick Johnson, who received an email that appeared to come directly from Google. Johnson described the scam as “extremely sophisticated.” The false link led him to a “very convincing ‘support portal’ page,” complete with “exact duplicates” of real Google documents. From there, he was asked to enter his account information; if he had, he would have provided the cybercriminals with control over his account.

Johnson posted the following screenshot of the fraudulent email:

[Screenshot of the fraudulent email. Image source: MSN article]

In his post on X, Johnson voiced his displeasure with Google’s handling of the scam: “given their refusal to fix it, we’re likely to see a lot more” of such attacks.   

However, Google contends that they are addressing it. A Google spokesperson told DailyMail.com: “We’re aware of this class of targeted attack” and “have rolled out protections to shut down this avenue for abuse.” Specifically, they have shut down the means that allowed this email to be classified as a legitimate Google alert.

For now, Google recommends security measures such as two-factor authentication and reminds users that “Google will not ask for any of your account credentials — including your password, one-time passwords, confirm push notifications, etc. — and Google will not call you.”

But Google did note that even if you do happen to fall prey to such a convincing scam and are locked out of your account, you will still have seven days to act and regain control of it.