A new security alert has emerged for email users, targeting Google and Gmail accounts. Although these platforms are renowned for their high level of security, Russian hackers have recently breached them, circumventing some of Google’s protective measures and leaving certain accounts vulnerable.
Security researchers at the Google Threat Intelligence Group identified this threat, emphasizing the importance of remaining vigilant. The hackers exploited a loophole in Google’s security, particularly targeting individuals using older devices that lack the capability for two-factor authentication, a crucial security feature.
To counter this vulnerability, Google offers app passwords, 16-digit codes designed for older devices. However, hackers have exploited this method to gain unauthorized access to Google accounts, particularly targeting academics and critics of Russia.
Malwarebytes warned that while this was a targeted attack, the general public could be at risk as cybercriminals continue to devise new ways to compromise personal data. To safeguard against such threats, experts recommend following six essential rules:
1. Use app passwords only when necessary and switch to more secure sign-in methods when possible.
2. Opt for stronger multi-factor authentication methods like authenticator apps or hardware security keys over SMS-based codes.
3. Educate yourself and others about identifying phishing attempts to prevent credential theft.
4. Regularly update operating systems and apps to patch vulnerabilities exploited by attackers.
5. Monitor login activity for any suspicious behavior and restrict unauthorized access.
6. Employ security software to block malicious domains and detect scams effectively.