Google Urges Gmail Users to Strengthen Security Amid New Wave of Cyberattacks
- Google has issued a warning to Gmail users after discovering a wave of cyberattacks linked to the ShinyHunters hacker group, which exploited vulnerabilities in Salesforce's cloud platform
- The attackers used social engineering tactics, including vishing, to compromise accounts and have since leveraged stolen data for more harmful schemes
- Google advises users to bolster security by changing passwords regularly, enabling two-factor authentication, and following strong security practices to reduce the risk of further intrusions
Legit.ng journalist Zainab Iwayemi has 5-year-experience covering the Economy, Technology, and Capital Market.
After discovering a new wave of cyberattacks connected to one of the most well-known hacker organisations on the internet, Google has sent out a strong warning to Gmail users.
Source: Getty Images
The vulnerability surfaced when Salesforce's cloud platform was breached, making Google services users and businesses more susceptible to attack.
In order to lower the chance of compromise, the business is advising customers to stay alert, keep a careful eye on their accounts, and bolster their security measures. Gmail and Google Cloud are used by an estimated 2.5 billion people globally.
The first indications of these attacks were found in June, when researchers discovered that hackers were using social engineering techniques—more specifically, posing as IT support employees—to trick targets, according to Google's Threat Intelligence Group (TAG).
Google acknowledged in August that the gang had used compromised passwords to accomplish many "successful intrusions." Although defined as "basic and largely publicly available business information," the stolen data has since been used as a weapon to support more harmful schemes.
“We believe threat actors using the ‘ShinyHunters’ brand may be preparing to escalate their extortion tactics by launching a data leak site (DLS),” TAG explained in a recent blog post.
“These new tactics are likely intended to increase pressure on victims, including those associated with the recent UNC6040 Salesforce-related data breaches.”
Source: Getty Images
According to Google, the vishing technique, in which hackers impersonate IT staff over the phone, has been "particularly effective in tricking employees," with the majority of victims being found in English-speaking divisions of multinational companies.
On August 8, Google formally contacted all users who were identified as affected by the incident via email.
What Gmail users should do
Legit.ng reported that it is advised that users of Gmail take proactive measures to improve their security. To further protect against intrusions, Google recommends that users change their passwords regularly and activate additional security features like two-factor authentication.
Even though Google data indicates that the majority of users already have strong or unique passwords, only roughly one-third of them change their passwords on a regular basis, making many accounts more susceptible than they need to be.
Gmail users can greatly lower their risk of being victims of hacks like the ShinyHunters' by combining multi-factor authentication, frequent updates, and strong credentials.
All 1.8 billion gmail users get warning
Legit.ng reported that all 1.8 billion Gmail users have been issued a 'red alert' over a scam that allows hackers to gain access to accounts.
The attack employs AI to craft robocalls and malicious emails capable of bypassing security filters.
The combination aims to convince victims that their Gmail account has been compromised.
Source: Legit.ng
