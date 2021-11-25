



GOOGLE warned of a cyberattack led by a Russian hacker targeting Gmail users.

In a report released Monday, US search giants said the campaign was aimed at stealing people’s login credentials using phone emails sent to their inbox.

2

State-sponsored Russian hackers target Gmail users Credit: Alamy

2

Heatmap credits showing the location of the attacker’s target: Google

The attack targeted over 12,000 Gmail accounts, but the malicious message was thwarted by Google before it did any damage.

The company describes the scheme in the first “Threat Horizon” and Google’s cybersecurity action team reports what cybercriminals are doing.

This is the latest in a series of attacks carried out by the prominent Russian government-backed hacker group “Fancy Bear”.

“Fancy Bear … was observed to send a large-scale attack to more than 12,000 Gmail accounts at the end of September,” the researchers write.

“Google blocked these messages and didn’t put the user at risk.”

Attackers used phishing emails to pinch people’s logins. This is an attack in which a cyber criminal tricks a victim into handing over sensitive information.

The subject line of the email usually contains the phrase “critical security alert”, pretending to be from Google.

The message says: “This could be a false alarm, but a government-backed attacker could be tricking you into getting your account password.

“Because these attackers adapt, we can’t reveal what turned us over, but this happens to less than 0.1% of all users.

“If they succeed, they can spy on you, access your data, or take other actions using your account. It is advisable to change your password. . “

Target was prompted to click a link to change the password to access a malicious website operated by a hacker.

The website looked like a Gmail login page, and when Mark entered his credentials, Russian scammers got what they wanted.

According to the Google team, the email was not sent to accounts around the world.

“The regions covered by this particular campaign include the United States, United Kingdom and India,” they write.

“Other notable regions include Canada, Russia, Brazil, and the member states of the European Union.”

Fancy bears are believed to be part of a military unit working at Russia’s highest intelligence agency, GRU.

They carry out state-sponsored hacking campaigns against prominent targets such as politicians and activists.

Fancy Bear, also known as Strontium, previously sought to cause confusion in the 2016 US presidential election.

Hackers have invaded the Democratic National Committee and Hillary Clinton’s campaign.

To avoid phishing attacks, experts advise you not to click links from strangers or provide information to unsecured sites.

Be aware that fraudulent messages, suspicious links and attachments are typical signs of fraudulent messages. Abnormal email addresses are also a red flag.

If you’re not sure if a message or website is legitimate, it’s best to be secure and avoid interacting with them.

In the UK, you can use the Suspicious Email Reporting Service (SERS) to report potential phishing messages or fraudulent websites to NCSC.

