Anti-malware firm Bitdefender is reporting that hackers are using more sophisticated techniques of acquiring Google account passwords. Since many users have their Google accounts linked to plenty of other services, this can lead to devastating results for anyone who falls for the attack. Additionally, hackers can purchase apps on the Play Store, access documents through Google Drive, steal personal information through Google+, and more.
Essentially, hackers send an email to user informing them that their account will be locked within a day if they don’t click a link to increase their storage. The link directs to a site that mimics Google’s login page, but once the user logs in, the information will be sent to the hackers instead of Google.
It’s a difficult attack for a user to notice, as it uses a data URL scheme in the address bar. In Chrome, much of this information isn’t even displayed, making it even harder for users to realize they are not at a proper Google site.
So what can you do to avoid having your account compromised? You can make sure to verify any email that forwards you to a place that requests your information. If you cannot verify the source of the email, don’t enter your username and password, as it’s quite likely that it’s a malicious attempt to steal your information.
It really comes down to common sense. Google doesn’t email asking for account information, nor does it shut down accounts due to storage problems. Basically, just think before you log in, and you will be able to protect yourself.