Latest news with #RossRichendrfer


Forbes
23-04-2025
Gmail Hack — Google Warns Users Have 7 Days To Act
Google says you have 7 days to recover your hacked Gmail account.

Update, April 23, 2025: This story, originally published April 21, has been updated with mitigation advice for various hacking scenarios, along with further guidance from Google on how to recover a compromised account following the recent sophisticated subpoena Gmail hack attacks against users.

Gmail is under attack. That phrase should send shivers down your spine if you are one of the more than 3 billion people who use the world's most popular email platform. The latest in a long line of threat campaigns is particularly dangerous in that it appears to come from Google itself. But with threat actors continually changing up their attack methodologies, becoming increasingly sophisticated thanks to the use of AI, and even employing automatic password-hacking machines in their attacks, the danger to your email account and the data it unlocks continues to mount. Google is, of course, fighting back with upgraded security protections, but the danger continues. If you fall victim to the latest Gmail hack attack, or any other that locks you out of your Google account, Google has said that you have seven days to get it back. Here's what you need to know and do.

The latest Gmail hack attack involves a sophisticated phishing campaign that employs an OAuth application and what has been described as a 'creative DomainKeys Identified Mail workaround' to fool victims into thinking a security alert email originated from Google itself. In other words, it has managed to bypass the exact protections that Google has put in place to help prevent such attacks in the first place. The good news is that Google has confirmed it is putting out updated protections that counter the methodology used in this attack. 'These protections will soon be fully deployed,' a spokesperson said, 'which will shut down this avenue for abuse.'
A Google spokesperson has also told me that anyone who finds themselves locked out of their Gmail account following a successful attack, where the hacker has changed their account password and recovery methods, still has seven days in which they can undo the damage and regain access to that hacked account. Gmail spokesperson Ross Richendrfer told me that in those situations where an attacker has compromised a Google account and changed the password, or even added a passkey, to prevent the legitimate owner from being able to access it, acting quickly is the key to successful recovery. Obviously, using 'phishing-resistant authentication technologies, such as security keys or passkeys,' in the first place, as Richendrfer advised, is highly recommended to avoid finding yourself in this situation at all. But if you do, then all hope is not lost.

'We recommend all users to set up a recovery phone as well as a recovery email on their account,' Richendrfer said, 'these can be used in cases where users forget their own passwords, or an attacker changes the credentials after hijacking the account.' As the original account holder, following a Gmail hack, even if the attacker has changed your recovery telephone number, Richendrfer advised that you have 7 days in which that number can still be used to regain control of, and access to, your Gmail account. The same applies to your recovery email. 'When you change your recovery email,' Richendrfer said, 'you may be able to choose to get sign-in codes sent to your previous recovery email for one week.'

Think of a Gmail recovery phone number as being like using a seatbelt in your car; it drastically improves your safety when you use it. With everything from AI-driven phishing attacks to the use of infostealer malware being deployed in the Gmail account takeover attack chain, extra confirmation by way of that phone number can help keep attackers at bay.
Google has told me in the past that occasionally asking for a verification phone number before you can sign into your Google account adds an extra layer of protection for Gmail users. You should, of course, ensure that this number is associated with, and only with, a smartphone that belongs to you and is regularly kept with you. If that phone is shared with others or left lying around, then the protection a recovery number can provide is weakened.

To add or change a recovery phone number or email on Android, open your device settings app, hit Google, followed by your name, and the Manage your Google account option. Now head for the security section, where it says 'how you sign into Google,' and you can select options for a recovery phone or recovery email. You will likely be asked to sign in before getting any further, but the selection process is very straightforward and takes no time at all.

Although you have heard the mantra a million times before, especially if you have ever received one of those dreaded data breach advisories from just about any organization, I firmly believe that Google takes your security seriously. This doesn't mean, however, that you can delegate all responsibility for ensuring your account and data are as secure as possible. Google blocks the vast majority of malicious email, although not 100%, as this recent attack demonstrated; it warns users of potentially dangerous content and deceptive websites, and it even has an advanced protection program that brings additional layers of security to those accounts most at risk from targeted attacks. The one security protection that every single Gmail user can and should embrace, and do every month if you ask me, is to run the Google Account Security Checkup. Once you land at the security checkup tool page, Google will have already populated it with relevant security recommendations that are specifically tailored to your account and based upon your usage.
I will use details of one of my own Gmail testing accounts here in order for you to get a flavour of what the security checkup tool can do to improve your protective posture. First on my list was a recommendation to check my Gmail settings, as I currently forward emails that arrive at this address to another. This was followed by a reminder to remove any unused devices that my account is connected to. Next up was a warning that I did not have enhanced safe browsing enabled for this account. Although deliberate in this case, as it's a test account that I don't want that protection to apply to, it's something I'd recommend activating for most Google users as a matter of course.

Google will alert you to any recent security events; there were none in my case. You can also scroll to the bottom of your Gmail web app and you'll find a recent activity check on the right-hand side. Click the details link, and you will be able to see where your Gmail account is open on either device and the locations, IP addresses, and dates of recent activity. A great way to see if anything is untoward.

As well as a check to see if I had two-factor authentication enabled, and as you can see, I did, the final recommendation was a very important one: take a look at the third-party applications that have been granted access to my Google and Gmail accounts. This is always worth doing regularly to ensure that only those you know about and actually both trust and use are listed. Everything else can safely be disconnected.
Attacks that use a technique known as link-hovering, whereby the real address of a link is obfuscated by using a mouseover label, can be mitigated by using the smartphone Gmail app rather than a browser client. Browsers like Google Chrome will display the real URL at the bottom of the screen, while the edited mouseover text appears right next to the link that you are hovering on. If you have no choice but to use a web client for Gmail, then get into the habit of always looking toward the bottom of the screen to double-check the authenticity of any link you are hovering over.

Gmail phishing attacks, no matter how advanced the threat becomes thanks to the sophisticated nature of AI-powered threats, are nothing more than scams, cons and fraudsters at play. Remember this, and don't get carried away in the complexity of the attack; instead, react to the actual facts that you are being presented with, no matter how urgent or worrying they appear at first. Paul Walsh, CEO at MetaCert, co-founded the W3C Mobile Web Initiative in 2004, and was tasked with refining Tim Berners-Lee's vision of One Web. 'Telling people to look for spelling mistakes is from the 2000s and is now counterproductive—people trust messages that are well written—here we are again 'unusual' senders and 'suspicious' whatever.'

Stay calm if you are approached by someone claiming to be from Google support; they won't phone you, and so no harm will come to you if you hang up. Check your Gmail activity to see what, if any, devices other than your own have been using the account. Although you might not think it, it is actually possible to get help with recovering your Google account after a lockout attack from a real human being rather than just going through the automated online steps. If you subscribe to Google One's premium service, then you may be able to get that human assistance.
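As an added illustration of the link-hovering mismatch described above (this is not code from the article or from Google), the following Node.js snippet scans an email body for anchors whose visible text reads as one address while the href actually points at a different host; the HTML sample and the host names in it are constructed for the example.

```javascript
// Added example: detect links whose displayed text names one host while the
// real target (href) is another, the mismatch a browser's status bar reveals.
// Assumptions: links are plain <a href="...">text</a> elements and the
// sample HTML below is constructed, not taken from a real message.

const ANCHOR_RE = /<a\s[^>]*href\s*=\s*["']([^"']+)["'][^>]*>([\s\S]*?)<\/a>/gi;
// Visible text only misleads when it looks like a hostname or URL itself.
const LOOKS_LIKE_URL = /^(https?:\/\/)?[a-z0-9.-]+\.[a-z]{2,}(\/\S*)?$/i;

// Normalise a bare hostname or full URL to its lower-case host, or null.
function hostOf(text) {
  const candidate = /^[a-z][a-z0-9+.-]*:\/\//i.test(text) ? text : `https://${text}`;
  try {
    return new URL(candidate).hostname.toLowerCase();
  } catch {
    return null;
  }
}

// Returns one finding per anchor whose shown host differs from the real host.
function findDeceptiveLinks(html) {
  const findings = [];
  for (const m of html.matchAll(ANCHOR_RE)) {
    const href = m[1];
    const text = m[2].replace(/<[^>]+>/g, "").trim(); // strip inner tags
    if (!LOOKS_LIKE_URL.test(text)) continue;
    const shownHost = hostOf(text);
    const realHost = hostOf(href);
    if (shownHost && realHost && shownHost !== realHost) {
      findings.push({ text, href, shownHost, realHost });
    }
  }
  return findings;
}

// Constructed sample resembling a fake "security alert" body: the first link
// shows a Google support address but leads elsewhere; the second is honest.
const SAMPLE = `
<p>Review the notice at
<a href="https://sites.example.net/u/0/support-look-alike">https://support.google.com/legal</a>
or visit <a href="https://support.google.com/">support.google.com</a>.</p>`;

console.log(findDeceptiveLinks(SAMPLE));
```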
This is because Google One Premium brings with it the benefit of 'enhanced access to support' alongside extra data, storage and dark web monitoring. Although I have not been able to find a definitive answer from Google as to what, exactly, is covered by this enhanced access to support, I have done a bit of digging around the various options offered to me as a Google One premium subscriber myself. By describing an issue of not being able to access my Gmail account as I had been locked out by attackers, I was presented with a number of support options which narrowed the problem down even further and eventually led me to an option to get a callback from Google. Yes, an actual human being working at Google I could speak to. What's more, during the research, I was promised this callback within a waiting time of just one minute. An online chat option was also offered for those who prefer not to speak, although the waiting times for such a response were considerably longer. You can find more details on recovering a Google account following a successful Gmail hack here.


Economic Times
22-04-2025
Is my Gmail account hacked? Google 'warns' 3 billion users of security risk; check how to recover phished account


Time of India
22-04-2025
Is my Gmail account hacked? Google 'warns' 3 billion users of security risk; check how to recover phished account
More than 3 billion Gmail users are potentially at risk as a major phishing campaign has tricked victims through imitation of Google's security alerts. The new attack, which employs OAuth apps and a DomainKeys Identified Mail (DKIM) bypass, has made fake emails appear authentic. Google confirmed the issue and is deploying updated protections. A spokesperson from the tech giant said that the new safety features will shut down the avenue for abuse once fully in place.

Gmail account hacked? You have seven days to act

According to a Forbes report, if a Gmail account has been compromised and the attacker has changed password and recovery methods, the legitimate user still has seven days to reverse them. Reportedly, the recovery can be done via the original recovery phone number or email, if they were previously set up. Google's Ross Richendrfer was quoted in the Forbes report stating that users can always enable phishing-resistant technologies like passkeys and security keys. He also urged users to keep their recovery information updated at regular intervals.

Why passkeys are the future

Reportedly, the tech giant has issued a stern warning against relying solely on passwords or SMS-based two-factor authentication. Both these systems, the firm said, are now vulnerable to increasingly sophisticated attacks. Google urged users to adopt passkeys, which are tied to their device and require biometric or PIN verification. It added that passkeys make unauthorised access significantly more difficult.

Gmail attack sparks panic

Google was alarmed when Ethereum developer Nick Johnson received a realistic legal notice from 'no-reply@ ID. The email had a valid DKIM signature and mimicked an official Google alert. It, according to the media reports, turned out that attackers had exploited a loophole. They sent genuine emails to themselves and forwarded them to victims to phish credentials.

Premium users can access live human support

As per the reports, users who are subscribed to Google One's premium service can access live human support. This includes call-backs and chat options for account recovery. Human support could significantly speed up regaining access following a cyberattack.

Quick tips to secure your Gmail account

- Use a passkey associated with your device
- Utilize either Google Authenticator or Google Prompts, instead of SMS
- Add and routinely update your recovery phone number and email
- Avoid clicking any links in unexpected emails about security alerts
- Google will never contact users directly about account security

FAQs

Q: What can I do if someone hacks into my Gmail account?
You need to respond as soon as possible. Utilize your recovery phone number or email, if not yet modified by the attacker, to begin account recovery within seven days.

Q: How do passkeys enhance Gmail security?
Passkeys are associated with your own device and need biometric or PIN authentication. They are not easy to phish or reusable like passwords, so they are significantly more secure.


Forbes
22-04-2025
Gmail Attack Update — Google Tells 3 Billion Users: Do This Next
Google issues four-step response to Gmail hack attacks.

Unless you have been living in a cave, and one without an internet connection, then you will probably be aware that Gmail has come under attack from sophisticated hackers bypassing Google's own email security protections. Thankfully, Google's Gmail spokesperson, Ross Richendrfer, has assured me that the technology giant is 'aware of this class of targeted attack from this threat actor,' and has 'rolled out protections to shut down this avenue for abuse.' This new Gmail security update is welcome news for all. Richendrfer urged me to convey to my readers that Google will never ask for any of your account credentials, including Gmail account passwords, one-time 2FA passwords or to confirm push notifications. As well as that Gmail update, Google has shared a four-step response plan for anyone who finds themselves on the wrong end of a Gmail attack.

The short version is that an email sent from a no-reply@ address claiming that a subpoena had been served requiring Google to produce a copy of the account content managed to bypass strict sender validation protections put in place to protect Gmail users. Of course, it was a phishing scam. But it was a very sophisticated one that ticked all the boxes as far as leveraging trust and getting victims to follow instructions is concerned. The email stated that the subpoena details could be examined, or measures taken to file a protest, by going to the included Google support pages.

So, to recap: the email was validated and signed by Google itself and sent from a Google domain. Furthermore, by passing the strict DomainKeys Identified Mail authentication checks that Gmail employs, the fake alert ended up being dropped into the same conversation as genuine security alerts from Google in Gmail. Google has now shut down the mechanism that the attackers used, involving the insertion of arbitrary-length text, to prevent this kind of DKIM attack from working in the future.
In conversation with Gmail's Richendrfer, my attention was alerted to 'recently shared detailed guidance on spotting and avoiding email scams' published by Google. This includes a four-step response to anyone who thinks they may have fallen victim to the latest Gmail attack or any such scam. Google also has an interactive phishing quiz to see how well you might be able to identify a Gmail attack or other social engineering campaign targeting your Google services.


Forbes
21-04-2025
Gmail Hack Attack — Google Says You Have 7 Days To Act