There has been recent concern regarding a new Gmail scam where cybercriminals are issuing false Google security alerts in an attempt to steal users’ data.
Researchers at Malwarebytes Labs uncovered the new scam that is disguised as a routine security checkup.
While the security alert may initially appear legitimate, the scam guides victims through a false four-step process that quickly collects sensitive data.
This can later be used by cybercriminals to break into Gmail accounts and other linked Google services.
Victims of the scam will be prompted to install what may initially appear as a security tool, but this can quickly give cybercriminals access to sensitive information like detailed real-time GPS location and contact data.
Corey Donovan, the president of Alta Technologies has issued an important warning on how Gmail users can protect themselves against this new scam:
“The scam is being distributed via phishing emails, text messages, and malicious pop-ups, which falsely warn victims that their Google account requires immediate security verification.
“By mimicking legitimate ‘security check’ prompts, attackers are able to create a false sense of urgency, which significantly increases the likelihood of users handing over their login details.
“It’s important to note that Google does not conduct security checks through unsolicited pop-up pages, which is why Gmail users should be wary if they’re unexpectedly prompted to download any software.
“If you receive any of these unexpected alerts, then immediately close the page and do not follow the prompt to download any additional security software.
“What’s particularly concerning about this new scam is that victims will be taken to a page that closely replicates Google’s genuine security check, which is why it’s so important for Gmail users to be aware of this rising scam.
“We’re seeing a clear trend of security alert scams becoming more and more advanced. By replicating Google’s official security site, scammers are bypassing obvious red flags to quickly trigger action from victims.
“Once cybercriminals gain access to Google accounts, they can easily reset passwords, intercept two-factor authentication codes, access sensitive data, and take over any linked accounts. This is why this scam is so concerning.
“Remember that any legitimate security concerns will always be sent via your official Gmail account. Google will never ask you to confirm sensitive information or login details via an unsolicited email or link.
“This is why instead of immediately clicking on any emails or pop-ups, you should always check your data by navigating to your official Google account on your browser.
“Taking a few extra seconds to be cautious can make all the difference when it comes to protecting your data against this concerning new scam.”
Corey Donovan has also issued further tips on how to keep your data safe from other prevalent scams.
Be cautious while using public Wi-Fi
Airports and train stations can quickly become hotspots for cybercriminal activity, particularly during busy travel periods. Using public Wi-Fi in busy areas can make your data extremely vulnerable to cybercriminals with the right tools.
Hackers on the same network can easily access sensitive information, such as banking details, login information, and personal messages.
This is why it’s essential to avoid logging into banking apps or email accounts while using public Wi-Fi. If you must go online, always use a trusted VPN to keep your information encrypted and only browse websites that are verified with URLs beginning with HTTPS.
Ensure that your devices do not automatically connect to unsecured public hotspots by disabling the “Connect Automatically” feature.
Taking the time to set up strong passwords is another key defence against any data interceptions via public Wi-Fi. Be sure that all passwords on your device contain a mix of uppercase and lowercase letters, numbers, and special characters to make them harder for hackers to intercept. Setting up two-factor authentication can also provide more defence against these kinds of scams.
Carefully check Wi-Fi names before connecting
Often referred to as the “evil twin” scam, this is another scam that’s likely to target people using public transport.
This is when hackers create fake public Wi-Fi names or hotspots that mirror the location that you’re in. For example, they may use the name “Airport_Free_WiFi” instead of “Airport-Free-WiFi.”
Because the name appears familiar, travellers often connect without thinking. Once you’re on the hacker’s network, they can monitor everything you do: capturing passwords, reading emails, intercepting banking details, or even installing malicious software.
This is why it’s so crucial to carefully inspect the Wi-Fi name before joining and check with any staff if you’re unsure of which Wi-Fi to connect to. If you see any Wi-Fi or hotspot names that are eerily similar, such as one with an extra letter or number, then this is often a sign of cybercriminal activity.
Avoid checking work emails while on the go
When using public transport, sensitive information can be exposed more easily than people realise. The rise of “shoulder surfing” has meant that fraudsters can now easily intercept sensitive information just by looking over at your screen.
If your screen isn’t protected, a single opened email could unintentionally reveal private company information, such as confidential messages, client data, or banking information. For these reasons, it’s best to avoid handling sensitive work material on public transport.
If you do need to check any information, then ensure that your screen isn’t in clear view and avoid connecting via public Wi-Fi. Instead, ensure that your device has a secure connection and use a VPN when possible.
Ensure that your devices are up to date
With many people relying on their phones for travel tickets and navigation, keeping devices updated is more important than ever.
Software updates often include urgent security fixes that protect against newly discovered threats. Installing them promptly ensures your phone has the latest defences, reducing the risk of malware infections, data leaks, or hackers exploiting outdated software while you’re travelling or using unfamiliar networks.
When a phone falls behind on essential updates, this can place your data at a significant risk. Failing to update your device regularly means that it is missing critical security patches designed to fix newly discovered vulnerabilities, which cybercriminals will easily take advantage of.
Always check your phone’s privacy settings after an update
While it’s essential to keep your phone up to date to protect against hackers, it’s also important to always review your device’s privacy settings after completing an update.
After an update, it’s also essential to check what precise information each app has access to, as this may change after a big settings update.
Corey Donovan, the president of Alta Technologies, has commented on how to protect yourself from data breaches:
“Cybercriminals know that airports, train stations, and hotels are packed with busy travellers who are relying on public Wi-Fi, checking work emails on the go, and using their phones for everything from boarding passes to banking.
“This combination creates the perfect conditions for attackers to intercept data or trick people into connecting to fake networks. Hackers deliberately target travellers because they’re often rushed, tired, and away from secure home or office networks, making their devices less secure than usual.
“Because of this, it’s essential that you’re not letting your guard down while travelling. Avoid checking any sensitive information while on public Wi-Fi, such as banking details or confidential work information. Ensure that your phone is correctly up to date with the latest software and installed with multi-factor authentication software to add an additional layer of protection from hackers.
“It’s also important to ensure that you promptly review your privacy settings, especially if you’ve recently purchased a new device. This prevents your phone and any apps from gaining access to sensitive information, such as location history or information regarding your daily commute.
“As soon as you receive a new device, ensure that you have set up all of your online accounts with strong passwords, containing a combination of capital letters, numbers, and symbols.
“People often let their guard down while travelling or commuting, which is why it’s so essential that you’re staying informed about the latest security risks and ensuring that your device is as protected as possible from any potential threats.”
