Attention All GMail Users

Google has confirmed an attack on all 1.8 billion GMail users’ data. If you are one of those 1.8 billion, continue reading.

I saw this attack a couple of weeks ago and kind of blew it off, but apparently, it is significant.

You get an email that looks like it came from Google and even passes the smell test (DKIM). It comes from sites.google.com . It says that Google received a subpoena to produce your data. That is believable because Google likely receives dozens of subpoenas every day.

The odd part is that they want your to participate in this process. If Google receives a subpoena to produce data, they just produce it. They don’t need you to help them.

If you click on this (fake) link to supposedly help Google comply with the subpoena it takes you to a login page where the hackers steal your credentials.

Then there are links to pages like “upload additional documents” and “view case”. These look just like real Google pages, meaning that the hackers spent at least a little bit of time setting this up.

Google says they are aware of this threat vector and have instituted controls to shut it down. That works until the next variant of this attack arrives.

Google will never ask you to participate in their legal process – they just don’t need your help.

They do say that using multi-factor authentication or passkeys does make things much harder for the hackers, so you should do that if you are not already doing it.

Credit: MSN

by