Security Warning to Gmail Users by Tech Experts
Tech experts are warning Gmail users about a clever new scam designed to steal personal data. Researchers at Malwarebytes Labs and Corey Donovan, president of Alta Technologies, say hackers are using fake "Google Security Alerts" to trick people.
Cybercriminals are using fake Google security alerts to steal user data. Researchers at Malwarebytes Labs recently discovered this scam, which is disguised as a routine security checkup.
While the alert looks real, it leads victims through a fake four-step process to collect sensitive information. Once they have this data, hackers can break into Gmail accounts and other linked Google services.
The scam often asks victims to install a "security tool." Instead of protecting you, this software gives hackers access to your real-time GPS location and contact list. Corey Donovan, president of Alta Technologies, shared these important tips to help you stay safe.
How the Gmail Scam Works
The scam spreads through phishing emails, texts, and pop-up messages. These messages falsely claim that your account needs immediate verification.
Attackers mimic official prompts to make you panic and hand over login details quickly.
The fake pages look almost exactly like Google’s real security site to bypass your natural red flags.
The Goal: Once they get in, hackers can reset your passwords, steal two-factor authentication codes, and take over any linked accounts.
Remember: Google does not run security checks through unsolicited pop-up pages. If you receive an unexpected alert, close the page immediately. Do not download any software. Always check your security status by going directly to your official Google account in your browser.
Safety Tips for Travelers
Hackers target people at airports, train stations, and hotels because travellers are often rushed and using unfamiliar networks.
1. Use Public Wi-Fi With Caution
Public Wi-Fi is a hotspot for cybercriminals. Hackers on the same network can easily see your banking details and personal messages.
Avoid Sensitive Tasks: Do not log into bank apps or email on public Wi-Fi.
Use a VPN: If you must go online, use a trusted VPN to encrypt your data.
Check URLs: Only visit websites that start with HTTPS.
Disable Auto-Connect: Set your phone to not join public hotspots automatically.
2. Carefully check Wi-Fi names before connecting
Hackers create fake Wi-Fi names that look like the official ones. For example, they might use "Airport_Free_WiFi" instead of the real "Airport-Free-WiFi." If you connect, they can monitor everything you do. Always double-check the exact name with the staff before joining.
3. Guard Against "Shoulder Surfing"
On public transport, people can easily see your screen. A single open email could reveal private company info or client data.
Keep your screen out of view.
Avoid handling sensitive work material while commuting.
Use a secure mobile connection rather than public Wi-Fi.
4. Keep Your Devices Updated
Software updates include critical security fixes. If your phone is outdated, hackers can exploit old vulnerabilities.
Install updates as soon as they are available.
After a big update, review what info your apps can access. Some settings might change during the update.
The Bottom Line
People often let their guard down. Cybercriminals take advantage of this. To stay safe, use strong passwords (mix of letters, numbers, and symbols) and turn on multi-factor authentication. Taking a few extra seconds to be cautious can protect your data from these growing threats.
Stay Safe.