Gmail Hackers Possibly Cyber-Criminals of Middle East

According to security researchers, the biggest free e-mail provider globally Google Inc., recently faced hackers' assault, with the culprits possibly situated in Middle East from where they executed one fresh phishing scam targeting Gmail while attempting at duping end-users into giving up hold of their Google accounts, reported ibtimes.com, July 27, 2015.

By eluding the anti-spam solution of Google, the hackers managed to dispatch an allegedly genuine Gmail e-mail, which diverted end-users onto a bogus web-page impersonating Google Drive which so deceived them that they voluntarily surrendered personal usernames and passwords.

Elastica a company for cloud security and the discoverer of the hack described the attack as astoundingly crafted.

According to Senior Security Researcher Aditya Sood of Elastica, the hackers in fact constructed the entire assault medium again that was extremely appealing within the current instance. Ibtimes.com reported this.

It isn't clear as to who the perpetrators of the assault are as also what number of Google account holders has been impacted, although apparently, the attackers managed in determining the way the trustworthy SSL encryption of Google could be faked.

Since the phishing sites were harbored on Google Drive, normal way of blacklisting via URLs or IP addresses proves ineffective. Nor can conventional intrusion determination followed with prevention mechanisms give the necessary protection within these kinds of situations. During these assaults, attackers can steal credentials and use them fraudulently alternatively sell them on to other cyber-criminals for further utilization in malicious operations.

CEO Rehan Jalil of Elastica shows how risk and security experts fast comprehend that long known security solutions aren't any more suitable for cloud software. Newsmaker.com.au reported this, July 28, 2015.

Experts elaborate the new assault as resembling a scam that occurred in March 2014.

According to Elastica, it has informed Symantec the security company that had revealed the 2014 scam, however, the latter's reaction is awaited.

A Spokesperson of Google stated that his organization was constantly engaged in safeguarding users from phishing campaigns via automated systems, user-awareness programs and in-product alerts jointly. According to him, Google knew about the particular problem while it had adopted suitable measures. Yahoo.com reported this, July 28, 2015.

» SPAMfighter News - 8/6/2015