
Latest news with #NickJohnson

Urgent Warning from Google: Delete Emails from This Address Immediately - Jordan News

Jordan News

22-05-2025


Google has issued an urgent warning to Gmail users worldwide about a wave of dangerous cyberattacks targeting accounts through emails that appear official and come from "[email protected]"—but are actually fraudulent messages designed to steal sensitive information.

These phishing emails attempt to deceive users by pretending to be a legal notice from Google, claiming the company has received a court order to hand over account contents to law enforcement. In reality, the message contains a malicious link leading to a fake support page hosted on platforms affiliated with Google, giving it a false sense of legitimacy.

According to cybersecurity experts, clicking the link grants hackers access to the user's email and files. In some cases, downloading fake files can install malware capable of stealing passwords and banking information—or even taking full control of the device.

In a related update, Google announced the end of security support for three of its most popular Android phones, putting them at high risk of cyberattacks, as they will no longer receive critical security updates.

Meanwhile, Nick Johnson, a former Google developer, explained that this attack exploits official authentication tools like Google OAuth, tricking users with accurately mimicked login pages.

Google strongly emphasized the importance of ignoring and immediately deleting such emails. The company also warned against clicking any suspicious links or downloading attachments from untrusted sources. The tech giant advised users to visit the official support site— verify any notifications, and recommended using Passkeys instead of traditional two-factor authentication, as they offer stronger protection against these types of attacks.

Cybersecurity firms also urged users to check the full email address, not just the display name in their inbox. These phishing emails are often sent from unusual addresses that begin with the word "me", which can easily mislead users.

Warning to 1,800,000,000 Gmail users over sophisticated scam

Metro

21-05-2025


Gmail users have been warned about a highly convincing scam email that appears to come from Google themselves. The email seems to come from no-reply@ which is the address that real security updates come from. It links to a webpage hosted by Google, too, which is another convincing sign. But the website was not made by them; it was made by scammers trying to trick you.

The email claims that 'a subpoena was served on Google LLC requiring us to produce a copy of your Google Account content'. It links to a domain designed to look like Google's genuine support page. However, the real support webpage is on while the 'sites' domain is one that anyone can build a free webpage on. Ordinary users are unlikely to know or notice this, however, and could inadvertently grant scammers permissions that could allow them access, or target you with malware.

Security software firm Kaspersky said that there are other clues, too. If you look closer at the email details, the to and mailed-by fields contain a jumble of letters in email addresses which have nothing to do with Google, showing me[@]googl-mail-smtp-out-198-142-125-38-prod[.]net and

The scam was first revealed by tech developer Nick Johnson. The scammers used Google OAuth technology, which is what you see when you use your Google details to sign into a different app. Those who fell victim to the scam approved the permissions thinking they were giving Google themselves permission. It is not clear exactly what the scammers hoped to achieve by this, but it could involve data theft or infecting the victim with malware.

Kaspersky said that when an OAuth app is registered, 'the web application administrator can manually enter completely arbitrary text in the App Name field – this is what the criminals apparently took advantage of.' The mechanism that attackers used to do this has now been shut down, which will prevent this method of attack from working in future.

A Google spokesperson said: 'We're aware of this class of targeted attack from this threat actor and have rolled out protections to shut down this avenue for abuse.

'In the meantime, we encourage users to adopt two-factor authentication and passkeys, which provide strong protection against these kinds of phishing campaigns.'

They recently issued guidance on spotting scams, saying they will not ask for any of your account credentials, including your password, one-time passwords, confirm push notifications, and will not call you.

Google issues warning to all 1.8b Gmail users over dangerous attack: 'Do not respond to messages'

Daily Mail

20-05-2025


Google is warning its nearly two billion Gmail users to immediately delete a concerning email that tries to look like it comes from Google itself. The new scam is called a 'no-reply' email attack because victims receive a supposedly official message from no-reply@

Inside the email, recipients will find a notice claiming that Google has been subpoenaed by law enforcement to release everything in the user's account. The email even contains a link to a Google support page that appears to have all the details about what's happening regarding the legal case against you. However, company officials have said it's all a fake, created by online scammers looking to gain access to a victim's personal information.

The attack is triggered when Gmail users click the link and then download or approve permissions to view the phony legal documents. By doing this, the victims unknowingly give the scammers limited access to their Google account, like the ability to read emails or access files. In some cases, downloading the fake Google files spreads malware into the victim's device, which is harmful software that can steal even more information, including passwords and bank details.

According to Nick Johnson, a leading tech developer who has worked for Google and cryptocurrency Ethereum, the scammers pull this off by exploiting Google's own systems. Specifically, the new attack makes use of a tool called Google OAuth, which lets third-party apps access Google accounts with the user's permission. Scammers create a fake web address that looks similar to Google's, set up an email account on it, and register a fake app with Google. This app sends a notification email that looks real because it comes from Google's system, but it's actually forwarded to victims through a service that hides the scam.

The scam email includes a link to a fake Google Support page, hosted on Google's own which makes it seem trustworthy. When a Gmail user clicks on the link, the attack begins. The link takes them to a page that looks like a real Google login screen. After signing in, they land on a fake webpage that mimics Google's official support site and fools them into granting permissions to the scammer's app. By downloading or approving permissions to view the phony subpoena, the victim unknowingly gives the scammer access to their account, allowing them to read emails and access the user's private files.

The information that can be stolen in this phishing attack can vary depending on what the victim clicks or downloads. In the worst case scenarios, downloading malware into your device can give cybercriminals an open door to steal passwords, access financial records in banking apps, and even hijack the device itself by locking the user out remotely.

Johnson explained on X that the key mistake users make is trusting the email and clicking the link. To stay safe, Gmail users should check the email carefully before following any of its instructions. Look at the 'to' and 'mailed-by' fields in the email header. If they show strange addresses, it's a scam.

Cybersecurity company Kaspersky added that these email addresses typically start with 'me.' For example, me@ While the address obviously seems suspicious, the only thing many Gmail users will see is 'me' in their inbox, and that can confuse many people into thinking the message comes from someone they know. Once they open it, they're confronted with a phony legal notice that scares them into taking action immediately.

The cyber experts are urging anyone with a Google account to never click on a suspicious link inside an email. Moreover, never download material online unless it's coming from a trusted source on a legitimate website. If you're unsure, go directly to Google's official website by typing into your browser, not clicking a link in an email. Using a good antivirus program can also help catch these phishing emails before they cause harm.

Google is also warning its 1.8 billion users to check their security settings, remove the popular two-factor authentication security measures and switch to passkeys instead. Passkeys are a passwordless, phishing-resistant technology that uses cryptographic keys stored on a user's devices and are authenticated using biometrics - like a fingerprint, face scan, or a PIN number. Tech giants like Microsoft have argued that passkeys are now safer than two-factor authentication, which typically involves sending a one-time code to your phone or email when signing in.
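
The 'to' and 'mailed-by' check described above, written out as an added example (not code from Google, Kaspersky or any of the articles): it compares the signing domain with the envelope sender and the To address of a raw message. The sample message and the domains provider.example, relay-host.example and mailbox.example are constructed, and treating the "mailed-by" field as the Return-Path domain is an assumption.

```python
from email import message_from_string, policy
from email.utils import getaddresses, parseaddr

# Constructed sample, not a real message: signed by one domain, relayed by another.
SAMPLE = """\
Return-Path: <me@relay-host.example>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=provider.example;
 s=sel1; h=from:to:subject; bh=AAAA; b=BBBB
From: Provider <no-reply@provider.example>
To: me@relay-host.example
Subject: Security alert

Constructed body.
"""

def domain_of(value):
    """Lower-cased domain of the address in a header value, or ''."""
    return parseaddr(str(value))[1].rpartition("@")[2].lower()

def dkim_domains(msg):
    """Collect the d= (signing domain) tag of every DKIM-Signature header."""
    found = []
    for sig in msg.get_all("DKIM-Signature", []):
        for tag in str(sig).split(";"):
            name, _, value = tag.partition("=")
            if name.strip() == "d":
                found.append(value.strip().lower())
    return found

def same_org(a, b):
    """Exact or subdomain match; a simplification of relaxed alignment."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def review_headers(raw, mailbox):
    """Findings for a message delivered to `mailbox`. Signature validity is
    assumed to have been checked already by the receiving server."""
    msg = message_from_string(raw, policy=policy.default)
    from_dom = domain_of(msg.get("From", ""))
    env_dom = domain_of(msg.get("Return-Path", ""))  # assumed = "mailed-by"
    to_addrs = [a.lower() for _, a in
                getaddresses([str(h) for h in msg.get_all("To", [])])]
    findings = []
    if from_dom in dkim_domains(msg) and env_dom and not same_org(env_dom, from_dom):
        findings.append(f"signed-by {from_dom} but mailed-by {env_dom}")
    if mailbox.lower() not in to_addrs:
        findings.append(f"To header does not name {mailbox}")
    if any(a.startswith("me@") and not same_org(domain_of(a), from_dom)
           for a in to_addrs):
        findings.append("To address is 'me@' on a domain unrelated to From")
    return findings
```

Calling `review_headers(SAMPLE, "user@mailbox.example")` returns all three findings: a signature that verifies for the From domain says nothing about who relayed the message or whom it was originally addressed to.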

Google Confirms Gmail Warning—Do Not Lose Your Account

Forbes

15-05-2025


Gmail users face a new tidal wave of warnings as a dangerous new account threat makes headlines again. Gmail accounts are prized by hackers as a valuable store of information and as a gateway to other platforms and services. New and 'nearly perfect' AI threats mean those accounts are now at risk — make sure you don't lose yours.

A new alert from Kaspersky has just warned Gmail users that 'law enforcement agencies are interested in your account.' This is making headlines, with reports of 'hackers abusing Google Services to send malicious law enforcement requests.'

The attack itself was first reported in April, when a crypto engineer warned he 'was targeted by an extremely sophisticated phishing attack' which 'exploits a vulnerability in Google's infrastructure.' At the time, it seemed Google was 'refusing to fix it,' and so Ethereum's Nick Johnson suggested 'we're likely to see it a lot more.'

'Imagine,' Kaspersky says, 'you receive a letter notifying that Google has received a summons from law enforcement agencies demanding to provide the contents of your account. The letter looks quite "Google-like", and the sender's address is quite respectable — no-reply@ Inside, a slight feeling of panic immediately wakes up (at least), doesn't it?'

The attack is cleverly constructed. 'Even the link looks quite plausible — the address includes the official Google domain and the support ticket number mentioned above. Only sophisticated users will notice the catch: all Google support pages are located on the link immediately leads to a certain But the calculation of attackers is on those users who do not understand such details.'

But the objective is simple. As I explained last month, it links to a Google-hosted credential phishing page that mimics the real thing, but which takes over your account.

Kaspersky highlights the following telltale signs: But as Kaspersky says, 'all these signs are quite difficult to notice for an ordinary layman, especially if he is frightened by the prospect of trouble with law enforcement agencies. Even more confusion is added by the fact that the fake letter is signed by this Google — is indicated in the signed-by field.'

Google has pushed out a fix. 'We're aware of this class of targeted attack,' it confirms, 'and have been rolling out protections for the past week. These protections will soon be fully deployed, which will shut down this avenue for abuse. In the meantime, we encourage users to adopt two-factor authentication and passkeys, which provide strong protection against these kinds of phishing campaigns.'

But more importantly, Google will not reach out to you in this way, and will never ask for your account credentials or send you to a page where you can enter them. It has emphasized this repeatedly, especially when it comes to account security and tech support issues. If you ever receive a communication with any lure purporting to come from Google, access your account using normal channels and reach out to them directly. That's only if you can't dismiss it as a scam right away and delete the message.

Ironically, in tandem with this story breaking again, Google has also confirmed new scam defenses rolling out to Chrome, using on-device AI to intercept scams in real time. This latest one is exactly the type of message such defenses need to block.

Gmail users hit with ‘red alert' warning and urged to ‘remain vigilant' over new scam stealing sensitive information

Scottish Sun

15-05-2025


GMAIL users have been hit with a 'red alert' warning and urged to 'remain vigilant' amid a new scam stealing sensitive information. The long-standing mail platform has more than a billion worldwide users.

Countless cyber crooks regularly try to catch out the billions of people who use Gmail, but the vast majority of these are caught and blocked by Google's filters and spam protection. This latest threat would see criminals deceive users while stealing their valuable data. But how exactly is this scam even pulled off?

The deception begins with a phone call and scammers claiming to be from Google. From there, the caller attempts to access the would-be victim's Google account by claiming an account details change needs verification. The actual objective is securing the two-factor authentication code sent by Google upon the user's request. Should the crooks receive this, they will be able to hack the account and lock out the real users.

In a statement to Forbes, Google said: "We've hardened our defenses to protect users from this type of abuse and suspended accounts that have misused Google services in these scams.

"But we encourage all users to remain vigilant – please reiterate to your readers that Google will not call you to reset your password or troubleshoot account issues."

Last month, Gmail users were given a "red alert" over a sophisticated phishing scam. This new phishing scheme was so advanced that it could bypass much of Google's impressive security, meaning some users could be caught out. Google said it was working to stop the "extremely sophisticated attack" which looked incredibly real and could trick you into giving away sensitive personal information.

Developer Nick Johnson said he was targeted by the attack, which consisted of a message which suggested a legal subpoena had been issued for him. The scam also told users that a copy of their Google account content needs to be produced. Although this sounds far-fetched, people may have been inclined to trust the email due to it coming from a seemingly valid Google account.

He explained in a thread on X: "The first thing to note is that this is a valid, signed email - it really was sent from no-reply@

"It passes the DKIM signature check, and Gmail displays it without any warnings - it even puts it in the same conversation as other, legitimate security alerts."

In a statement to Newsweek, a Google spokesperson said at the time: "We're aware of this class of targeted attack from the threat actor, Rockfoils, and have been rolling out protections for the past week.

"These protections will soon be fully deployed, which will shut down this avenue for abuse."

How to protect yourself from scams

By keeping these tips in mind, you can avoid getting caught up in a scam:

  • Firstly, remember that if something seems too good to be true, it normally is.
  • Check brands are "verified" on Facebook and Twitter pages - this means the company will have a blue tick on its profile.
  • Look for grammatical and spelling errors; fraudsters are notoriously bad at writing proper English.
  • If you receive a message from a 'friend' informing you of a freebie, consider whether it's written in your friend's normal style.
  • If you're invited to click on a URL, hover over the link to see the address it will take you to – does it look genuine?
  • To be on the really safe side, don't click on unsolicited links in messages, even if they appear to come from a trusted contact.
  • Be careful when opening email attachments too. Fraudsters are increasingly attaching files, usually PDFs or spreadsheets, which contain dangerous malware.
  • If you receive a suspicious message then report it to the company, block the sender and delete it.
  • If you think you've fallen for a scam, report it to Action Fraud on 0300 123 2040 or use its online fraud reporting tool.
