A campaign of bans by bans are currently targeting Gmail users and users, Google’s messaging. Scholars try to recover their victims’ passwords by pretending to be company employees.
It all started with a cyber attack against Google last June. A gang of cybercriminals called Shiny-Hunters managed to trap an employee of the multinational. Deceived by the pirates, he provided them with his access codes to an internal server of the company.
These identifiers have enabled the group to enter the system and steal millions of business contact information.
According to Google, it was only basic professional data, publicly accessible on the Internet. No password, no private email and no banking information has been compromised.
>> Reread: Phishing scams take on forms that are ever more difficult to detect
Other techniques
But pirates are not limited to this method. For the past few weeks, they have used other techniques to reach Gmail users and users, especially by making calls in which they pretend to be Google employees. To make the scam more credible, they use numbers starting with prefix 650, that of Silicon Valley, where the company’s headquarters is located.
On the phone, they claim that a cyber attack is underway on the victim’s account. They then encourage him to reset his password immediately. In reality, their objective is to recover the new identifiers and take control of the account.
No massive attack
The exact magnitude of these attacks remains uncertain, but they seem to concern only part of the Gmail users and users. Furthermore, nothing proves that these fraudulent calls are directly linked to the theft of data occurred last June.
Pirates could use the contacts recovered at that time, but also use other information automatically collected on the Internet.
Pascal Wassmer/hkr
