Deutsch   English   Français   Italiano  
<vj2p96$3d9v8$1@dont-email.me>

View for Bookmarking (what is this?)
Look up another Usenet article

Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: JAB <here@is.invalid>
Newsgroups: misc.news.internet.discuss
Subject: Gmail Takeover Hack Attack
Date: Sat, 07 Dec 2024 18:29:26 -0600
Organization: A noiseless patient Spider
Lines: 36
Message-ID: <vj2p96$3d9v8$1@dont-email.me>
Reply-To: JAB <here@is.invalid>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Injection-Date: Sun, 08 Dec 2024 01:29:27 +0100 (CET)
Injection-Info: dont-email.me; posting-host="93330d11691646f61c88dd5a89ccae38";
	logging-data="3581928"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX18QcX9bLCd59rt5lWK6WJYl"
User-Agent: ForteAgent/8.00.32.1272
Cancel-Lock: sha1:47R1iYClGikJBfZ9ZGnr2ZOAn88=
Bytes: 2938

Gmail Takeover Hack Attack--Google Warns You Have Just 7 Days To Act
....
....
A typical example of a Gmail user who has found themselves locked out
of their account after a successful hack attack compromise was posted
to the Reddit Gmail subreddit recently. The user complained that they
had been locked out of the account after finding that their "passkeys
(fingerprint), passwords and phone number were changed," laying the
blame on malware that was discovered on their device. "The only thing
I have attached to the account is my other recovery email that I still
have access to, though it doesn't really help with logging me back
in," the user said, "I don't have access to backup codes either and
I'm pretty much ready to give up at this point knowing that Google
doesn't have live support." Although Google wasn't able to help with
this specific case, I did ask for broader advice on how a Gmail user
should respond in such circumstances in order to regain access to
their Google account and their Gmail.
....
....
Google Said Users Have 7 Days To Regain Access To A Compromised Gmail
Account

I had a conversation with a Google spokesperson, Ross Richendrfer, who
deals with workspace security and privacy matters. First and foremost,
Richendrfer wanted me to point out that the tactics being seen by
these email hackers are not unique to Gmail by any means, it's a
common methodology for an attacker to maintain control of an account
once it has been initially compromised. However, Richendrfer did
confirm, for context, that Google does see situations where an
attacker has compromised an account and then adds a security key or a
passkey to prevent the legitimate owner from logging back in. This,
Richendrfer said, is usually as a result of the Gmail account holder
"not using phishing-resistant authentication technologies, such as
security keys or passkeys," to protect their Google account

https://www.forbes.com/sites/daveywinder/2024/12/07/gmail-takeover-hack-attack-google-warns-you-have-just-7-days-to-act/