"Cybersecurity experts are warning all Gmail users that scammers are exploiting a new feature launched by Google, allowing them to steal email accounts. The tech giant rolled out a new feature that allows users to create a new address while keeping their old one as an alias. The feature, rolled out earlier this month, is intended for users who want to replace old addresses, but malicious actors are using it to attempt account takeover and phishing attacks."
"Emails claiming a 'Gmail address change' or requesting a security confirmation are now circulating, appearing particularly convincing because they come from real Google addresses like 'no-reply@accounts.google.com.' The messages often instruct users to confirm a new address or verify their account, with links that appear to lead to official Google support pages. In reality, victims are directed to fake websites hosted on the legitimate sites.google.com domain, designed to mimic Google's login and security pages."
"Because the scam is linked to the new address-change feature, it exploits users' expectation that Google would contact them about changes to their account. If attackers succeed, they can take over not just Gmail, but all connected Google services, including Drive, Photos, Calendar, and even third-party accounts linked to the Google login. Users are advised to delete all suspicious emails Daily Mail has contacted Google for comment."
Gmail's new feature lets users create a new address while keeping the old one as an alias. Scammers send convincing emails appearing to come from real Google addresses like 'no-reply@accounts.google.com' asking recipients to confirm a new address or verify security. Links in the messages lead to fake websites hosted on sites.google.com that mimic Google's login and security pages. Successful attacks allow takeover of Gmail and all connected Google services including Drive, Photos, Calendar, and third-party accounts. Users are advised to delete suspicious emails. Google was contacted for comment.
Read at Mail Online
Unable to calculate read time
Collection
[
|
...
]