Everyone with a Gmail account is 'at risk' - billions told to follow 4 important rules Newspoint  |  29/04/2025 20:39:18

Everyone with a when checking their daily batch of emails. It was recently reported that an " extremely sophisticated" new scam was landing in some inboxes that could put them at risk of online fraud. Now, security experts at are warning that "all Gmail users are at risk from clever replay attack."

It's definitely not a warning anyone should ignore, as falling for the trick could give scammers full access to accounts and highly personal data.

The new attack - which was first spotted by Nick Johnson, a lead developer of the Ethereum Name Service - uses a clever tactic to make it appear that it's been sent from a real account. This means it not only looks official but is also able to avoid highly effective spam filters.

READ MORE:

Johnson says an email arrived from Google suggesting a legal subpoena had been issued and access to his account was needed. It may sound far-fetched, but the scam looked real because the email addresses and domain names appeared to be actual Google accounts.

"The first thing to note is that this is a valid, signed email - it really was sent from no-reply@google.com. It passes the DKIM signature check, and GMail displays it without any warnings," Johnson explained.

The only reason tech-savvy Johnson spotted something was wrong is that the official site should have been hosted on a platform called accounts.google.com - instead it appeared on sites.google.com.

The difference is that anyone with a Google account can create a website on sites.google.com. And that is exactly what the cybercriminals did.

READ MORE:

Google says it is addressing the issue with an update that should stop attacks happening like this in the future.

"We're aware of this class of targeted attack from the threat actor, Rockfoils, and have been rolling out protections for the past week," a Google spokesperson told Newsweek.

However, although security is being tightened, now is not a good time to let your guard down, and it's vital to stay alert.

To help email users avoid this new scam, Malwarebytes has released some top tips to help stay safe.

These include:

• Don’t follow links in unsolicited emails or on unexpected websites

• Carefully look at the email headers when you receive an unexpected mail

• Verify the legitimacy of such emails through another, independent method

• Don’t use your Google account (or for that matter) to log in at other sites and services. Instead create an account on the service itself.

So, be warned when checking your email account and don't be fooled.

Read more
Fashion Forward: What the Next Five Years of Sustainable Style Look Like
Tezzbuzz
Golgappa is not only wonderful in taste, but also in health!
Tezzbuzz
Ads Are Showing Up In AI Mode Search On Google: How It Will Work
Tezzbuzz
India A Vs England Lions Live Score, 1st Unofficial Test Day 4: Hosts Take First Innings Lead After Going 9-Down
Tezzbuzz
Adil Rashid overtakes Graeme Swann making this elusive record for England
Tezzbuzz
Rajiv Shukla will replace Roger Binny, will take command of the post of BCCI President
Tezzbuzz
IPL 2025 finals, who will finish 18 years waiting? RCB and Pbks ready to create history
Tezzbuzz
Former Australia skipper lauds Shreyas Iyer’s composure after Test snub
Tezzbuzz
Two killed, 24 injured as tractor-trolley overturns in MP’s Morena
Tezzbuzz
On Anupamaa Sets, Rupali Ganguly’s ‘Favourite Co-Star’ Is Coffee
Tezzbuzz