Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Google+. Show all posts
Malware Attack
Cyber Attacks fake ads fake websites Google Google Ads Infostealer Malware Mallicious URLs Malware Attack

Cybercriminals Use Google Ads and URL Cloaking to Spread Malware

 

Cybercriminals are increasingly using Google ads and sophisticated cloaking techniques to push malware onto unsuspecting users. The latest example involves a fake Homebrew website that tricked users into downloading an infostealer designed to steal sensitive data, including login credentials and banking details. Security researcher Ryan Chenkie first noticed the malicious Google ad, which displayed the correct Homebrew URL, “brew.sh,” making it appear legitimate. 

However, once users clicked on the ad, they were redirected to a fraudulent clone hosted at “brewe.sh.” The deception was so convincing that even experienced users might not have spotted the trick before engaging with the site. The technique used in this campaign, known as URL cloaking, allows cybercriminals to manipulate how links appear in ads. According to Google, these attackers create thousands of accounts and use advanced text manipulation to bypass detection by both automated systems and human reviewers. This makes it difficult to catch fraudulent ads before they reach users. 

While Google has since removed the ad and is ramping up its security efforts, the issue highlights ongoing vulnerabilities in online advertising. The malware behind this attack, identified by security researcher JAMESWT as AmosStealer (also known as Atomic), is specifically designed for macOS systems. Developed in Swift, it is capable of running on both Intel and Apple Silicon devices. AmosStealer is a subscription-based malware service, sold to cybercriminals for $1,000 per month. 

Once installed, it can extract browser history, login credentials, bank account details, cryptocurrency wallet information, and other sensitive data. What makes this attack particularly alarming is its target audience. Homebrew is a package manager used primarily by macOS and Linux users, who are generally more tech-savvy than the average internet user. This suggests that cybercriminals are refining their tactics to deceive even experienced users. By leveraging Google’s ad platform to lend credibility to their fake sites, these attackers can reach a broader audience and increase their success rate.  

To protect against such malware campaigns, users should take extra precautions. Checking an ad’s displayed URL is no longer sufficient — verifying the website address after the page loads is crucial. Even a minor change in spelling, such as replacing a single letter, can indicate a fraudulent site. Another effective defense is avoiding Google ads altogether. Legitimate websites always appear in organic search results below the ads, so skipping the top links can help users avoid potential scams. 

Instead of clicking on ads, users should manually search for the company or product name to locate the official website. For those looking to minimize risks from malicious ads, alternative search engines like DuckDuckGo or Qwant offer more privacy-focused browsing experiences with stricter ad filtering. As cybercriminals continue to evolve their tactics, adopting safer browsing habits and remaining vigilant online is essential to avoiding security threats.
Read more »
VPN
CyberCrime Cybersecurity CyberThreat Fake VPN Google malware SEO VPN

Malware Infections Surge from Fake VPN Downloads

 


An attacker is reportedly injecting malware into infected devices using popular VPN applications to gain remote control of the devices they are attacking. Google's Managed Defense team reported this disturbing finding, which sheds light on how malicious actors use SEO poisoning tactics to spread what is known as Playfulghost.

It has become increasingly important for individuals who prioritize the protection of their personal data and online privacy to use virtual private networks (VPNs). VPNs establish a secure, encrypted connection between users' devices and the internet, protecting their IP addresses and online activity against prying eyes. 

However, it should be noted that not all VPN applications are trustworthy. The number of fake VPN apps being distributed under the guise of legitimate services is increasing, stealing the sensitive information of unsuspecting users. Researchers have discovered that during the third quarter of 2024, fake VPN applications have become increasingly widespread globally, which is a worrying trend. In comparison to the second quarter, security analysts have reported a 2.5-fold increase in user encounters with fraudulent VPN apps.

These apps were either infected with malware or were built in such a way that they could be exploited by malicious actors. As a result of this alarming development, it is critical to be vigilant when choosing VPN services. Users should take precautionary measures when choosing VPN services and ensure that the apps they download are legitimate before downloading to safeguard their data and devices. 

As more and more home users turn to virtual private networks (VPNs) as a means to safeguard their privacy, to ensure their internet activity is secure, and to circumvent regional content blocks, these VPNs are becoming increasingly popular. Scammers and hackers are aware that the popularity of VPNs is growing, and so they intend to take advantage of that trend as much as possible. 

As an example, recently it has been found that some VPNs have been found to have security vulnerabilities that do not make them as secure as they should be. Playfulghost is a backdoor similar to Gh0st RAT, a remote administration tool that is well-known in the security community. According to Google's expert, Playfulghost is "a backdoor that shares functionality with Gh0st RAT." The latter has been around since 2008, and it is considered one of the best. 

The traffic patterns of Playfulghost can be distinguished from those of other known threats, especially in terms of encryption and traffic patterns. There are several ways hackers use phishing and SEO poisoning to trick their victims into downloading malicious software onto their computers, and according to a Google expert, one victim was tricked into opening a malicious image file for Playfulghost to run remotely from a remote location, which results in the malware being downloaded onto his computer. In the same vein, SEO poisoning techniques employed trojanized virtual private network (VPN) apps to download Playfulghost components from a remote server on the victims' devices (see GIF below). 

Infected with Payfulghost, an attacker can remotely execute a wide range of tasks on the device once it has been infected. It is particularly dangerous as a virus. Data mining is capable of capturing keystrokes, screenshots, and audio, as well as capturing screenshots. In addition to this, attackers can also perform file management activities, including opening, deleting, and writing new files. Security experts from Google have warned that a new malware threat has been detected that is very dangerous. It is known as Playfulghost and is distributed worldwide via fraudulent VPN apps. Researchers have warned that this scam uses sophisticated techniques to trick users into downloading infected VPN software, including what is called "SEO poisoning". 

There is something especially cruel about this latest cyberattack because signing up for one of the best VPN deals is usually an easy way to improve users' level of privacy and security online. Unfortunately, those who installed the fake VPN applications laced with malware in the last few days have now found themselves in the worst possible position due to the malware they have installed. As people know, the purpose of Playfulghost is to allow hackers to monitor every letter users type on their keyboard, a practice known as keylogging. 

It can also record audio from the built-in microphone on users' computers, laptops, tablets, or desktops, and it can also be used as a tool to record what they are seeing on the screen, which is often used for blackmail. The dangerous malware also enables attackers to remotely execute various file management activities, including opening, deleting, and writing new files, This can enable hackers to download and install other types of malware on machines infected with Playfulghost. Playfulghost also makes it possible for attackers to perform various file management activities remotely, such as opening, deleting, and creating files, allowing hackers to download and install other kinds of malware on computers infected with this dangerous malware. 

As it turns out, Playfulghost's functionality is quite similar to Gh0st RAT, which has wreaked havoc on PCs since 2001 and is now a public open-source tool, whose source code was released in 2008. Since this code is widely available, there have been several copies and clones created, including the latest variant. In addition to utilizing distinct traffic patterns and encryption, Google security researchers have pinpointed two methods by which the malware is being spread by hackers, according to their study. The first is using the infected computers' network cables and the second is via the Internet. 

 The first thing to know is that cybercriminals are utilizing phishing emails — unsolicited messages that entice people to download malicious software. One of the earliest examples that was spotted by Google's team involved emails with themes such as "Code of Conduct" which trick users into downloading the attached file, which turned out to be Playfulghost, a nasty infection. 

Another documented case has also been found in which a victim was tricked into opening a malicious image file and when they opened it in the background Playfulghost was automatically installed and activated on their computer from a remote server. Secondly, the malware may also be spread by bundling it with popular VPN apps in a process known as SEO poisoning. This method has been gaining popularity recently among virus creators. Search engine poisoning is the act of manipulating or hacking a search engine to make malicious downloads appear as an official import.
Read more »
Phishing Scams
2FA Cyber Attacks cybersecurity challenges Google Google Ads Hackers MalwareBytes Online Advertising Online Scams phishing kit Phishing Scams

Google Ads Phishing Scam Reaches New Extreme, Experts Warn of Ongoing Threat


Cybercriminals Target Google Ads Users in Sophisticated Phishing Attacks

Cybercriminals are intensifying their phishing campaigns against Google Ads users, employing advanced techniques to steal credentials and bypass two-factor authentication (2FA). This new wave of attacks is considered one of the most aggressive credential theft schemes, enabling hackers to gain unauthorized access to advertiser accounts and exploit them for fraudulent purposes.

According to cybersecurity firm Malwarebytes, attackers are creating highly convincing fake Google Ads login pages to deceive advertisers into entering their credentials. Once stolen, these login details allow hackers to fully control compromised accounts, running malicious ads or reselling access on cybercrime forums. Jérôme Segura, Senior Director of Research at Malwarebytes, described the campaign as a significant escalation in malvertising tactics, potentially affecting thousands of advertisers worldwide.

How the Attack Works

The attack process is alarmingly effective. Cybercriminals design fake Google Ads login pages that closely mimic official ones. When advertisers enter their credentials, the phishing kits deployed by attackers capture login details, session cookies, and even 2FA tokens. With this information, hackers can take over accounts instantly, running deceptive ads or selling access to these accounts on the dark web.

Additionally, attackers use techniques like cloaking to bypass Google’s ad policies. Cloaking involves showing different content to Google’s reviewers and unsuspecting users, allowing fraudulent ads to pass through Google's checks while leading victims to harmful websites.

Google’s Response and Recommendations

Google has acknowledged the issue and stated that measures are being taken to address the threat. “We have strict policies to prevent deceptive ads and actively remove bad actors from our platforms,” a Google spokesperson explained. The company is urging advertisers to take immediate steps if they suspect their accounts have been compromised. These steps include resetting passwords, reviewing account activity, and enabling enhanced security measures like security keys.

Cybersecurity experts, including Segura, recommend advertisers exercise caution when clicking on sponsored ads, even those that appear legitimate. Additional safety measures include:

  • Using ad blockers to limit exposure to malicious ads.
  • Regularly monitoring account activity for any unauthorized changes.
  • Being vigilant about the authenticity of login pages, especially for critical services like Google Ads.

Despite Google’s ongoing efforts to combat these attacks, the scale and sophistication of phishing campaigns continue to grow. This underscores the need for increased vigilance and robust cybersecurity practices to protect sensitive information and prevent accounts from being exploited by cybercriminals.

Read more »
Technology
Cyberattacks CyberCrime Cyberhackers Cybersecurity Google Google Docs Microsoft Word Proton Docs Technology

Proton Docs vs Google Docs in the Productivity Space

 


For those who are concerned about privacy, Proton has announced an end-to-end encrypted document editor intended to be a viable alternative to Microsoft Word and Google Docs. This application, released on Wednesday by the Swiss software vendor best known for its encrypted email app, provides office workers with many document creation features they might use in their daily work.

Swiss-based and privacy-conscious Proton is now focusing on cloud-based document editing as it has built up its email, VPN, cloud storage, password manager, and cloud storage offerings. Proton Docs, a newly launched service that offers an array of features and privacy protections, might be just what users need to make it work for them.

With regards to its user interface and user experience, Proton Docs draws inspiration from Google Docs while also introducing its distinctive twists. In addition to its clean, minimalist design, Proton Docs has a central focus on the document, and users can find familiar functions with icons at the top representing the common formatting options (such as bold, italics, headings, and lists).

However, the top of the screen does not have a dedicated menu bar, and all options can be found in the default toolbar. Proton Docs keeps a very similar layout to Google Docs and, therefore, if someone is transitioning from Google Docs to Proton Docs, they should not have any problems getting started with their drafts right away. The work that was done by Proton was excellent.

A lot of the basic features of Proton Docs are similar to those of Google Docs, and the first thing users will notice is that the application looks very much like Google Docs: white pages with a formatting toolbar up top, and a cursor at the top that displays who is in the document as well as a cursor to clear the document at the top. The fact is that this isn’t particularly surprising for a couple of reasons.

First of all, Google Docs is extremely popular, and the options for styling a document editor are not that many. In other words, Proton Docs has been created in large part to offer all the benefits of Google Docs, just without Google. Docs are launching inside Proton Drive today, and as part of the privacy-focused suite of work tools offered by Proton, it will be the latest addition.

It has become clear that Proton has expanded its offering from email to include a calendar, a file storage system, a password manager, and more since it began as an email client. Adding Docs to the company's ecosystem seems like a wise move since it aims to compete against Microsoft Office and Google Workspace, and it was coming soon after Proton acquired Standard Notes in April.

According to Proton PR manager Will Moore, Notes would not disappear — Docs is borrowing some of its features instead. Proton Docs is a full-featured, end-to-end encrypted word processor with the ability to store files and even its users' keys (keystrokes and cursor movements) end-to-end encrypted, so that no one, including Proton staff, will be able to access any of the users' files (not even the users). This makes it much more difficult for hackers and data breaches to access the files, thereby making them more secure. There has been a lack of improvement in this area in Proton Docs.

However, even though it is part of the growing portfolio of the company, it does not fully integrate with its existing platform. There is no ability to access calendars and contacts from the sidebar like Google Docs, and it does not have the same functionality as Google Pages. Additionally, there is no easy way for users to import existing documents, files, or media from a Proton Drive account directly into the application.

In contrast, Google Docs provides the convenience of typing an "@" followed by the name of a file from users' Google Drive account and inserting the document from there as soon as they click the hyperlink. A feature such as this is particularly useful when a document needs to include multiple files in addition to the document itself. A second advantage of Proton Docs is the use of Swiss cloud servers, which provide storage of users' data on Proton Docs' servers in Switzerland.

It is thanks to the strict Swiss laws that protect the information stored on these servers that they cannot be accessed by regulatory authorities in regions like the European Union and the United States. A new feature known as Proton Docs is scheduled to be rolled out to Proton Drive customers starting today, with the ability to access the feature expected to be available to everyone within the next few days, as per Proton.

Powered by the Proton Drive platform, Proton Drive operates on a freemium model with individual subscriptions to the platform costing as little as €10 per month (approximately $10.80 when billed annually). The monthly subscription fee for Proton for Business is €7 per user per month and can be purchased in any amount.

Read more »
Privacy
Android App Cyberattacks CyberCrime Cyberhackers Cybersecurity CyberThreat Google iOS Malicious Network Privacy

Google Warns Users About Privacy Risks Posed by Certain Android Apps

 


It has recently been reported by a leading media outlet that more than 11 million Android devices have been infected with malicious software known as the Necro Trojan, which has crept into phones and tablets through unofficially modified applications, games, and game modifications. Google is making an effort to narrow the gap between Android 15 and iPhone on the front of security and privacy. 

The new Android OS brings several welcome changes that will protect its users, their devices, and their data better over time. These include live threat detection that can identify malware and abuse of permissions as soon as they are detected, mobile network defence, and tighter controls over what apps are performing behind the scenes. There is still a lot of room on Android for permission abuse since it relates to that shadowy area between apps that behave properly and outright spyware—of which there are still a lot of examples available.

There is no doubt that Apple led the charge in limiting location tracking, and use of sensitive phone functionality like a camera, messaging, and contacts, as well as restricting access to location data. Google has released Android 15 on millions of Pixel devices, and it is now available for download. Although this update emphasizes security and privacy over anything else, two of its most important and headline-grabbing features were left out of the new upgrade. 

Two things are coming shortly, but the first one is not coming until the end of the year, and the second one is imminent. Google's new mobile network security, which prevents users from having their identities tracked and intercepted via the network, is maybe the most significant long-term security feature that is missing. It has been leaked that Android 15 will include an improved Privacy Dashboard as a part of the updates brought by the new version. 

9to5Google reports that, in the next few weeks after Android 16 Developer Preview 1 was released last month, Google will release a 7-day history for the privacy dashboard in Android 15, the first time that a 7-day history has been added. This is expected to be released via the Google Play system update in November 2024." It has been announced in the past month that Google will soon launch a 7-day history for the Privacy dashboard in Android 16, following the introduction of Android 16 Developer Preview 1 last month. There is a new system update to Google Play in November 2024 that will bring this update to the public. 

When the app is installed, go to the Settings app > Privacy & Security > Privacy dashboard to access the privacy information. There is now an option "Show 7 days" in the overflow menu located in the upper-right corner of the screen, joining the existing "Show system" option at the top.  Throughout the following tables, users will notice that the stats will change from "Past 24 hours" to "Past 7 days" as a longer timeframe for the usage of Location, Camera, and Microphone gets introduced.  This is the most sensitive spyware function on users' phones, and they need to pay special attention to how it is being used. 

The best advice for users would be to stop stopping permissions from being granted in the first place and not monitor afterwards, but rather to stop granting them in the first place. Even though an app might have no dangerous permissions, it can still pose a risk. There is no such thing as a safe number of permissions for an app, according to Cybernews researchers. By just installing the app on a device, the app has access to many more permissions that are considered harmless and non-dangerous. 

The apps used in these scenarios can still perform tasks such as starting up, staying in the background, accessing confidential information, etc. Taking this into consideration, it is critical to regularly remove unnecessary apps, revoke excessive permissions that infringe on privacy, and consider visiting the same services through the web browser rather than using the device's app store. This is a new Android Remote Access Trojan (RAT), and it combines both the classic VNC and overlay capabilities, as well as features often associated with spyware, to produce a powerful and sophisticated Android Trojan. 

There are keyloggers embedded in this program, as well as monitoring routines that provide the ability to capture user data and intercept user interactions, which makes it a powerful tool for spying on users and stealing credentials. Accessibility Services is also a permission that is never granted to any app without its requirement. Accessibility Services are also a system tool, which malware is capable of abusing to take control of devices and their key system functions if given regardless of their necessity. 

Additionally, a new feature that detects scam calls is being rolled out starting with Pixel devices. Specifically, it's available to U.S. phones by Google users with the Pixel 6 or newer device in English. This new update might be making some Samsung Galaxy owners jealous as they watch on with a sense of envy. As the headlines speculate on when the Android 15 beta will debut, the speculation continues again this week, with no sign of an imminent stable release until next year, and the release of Samsung's Galaxy S25 smartphone series only a year away. 

A certain degree of risk is inherent in every mobile application, which makes it imperative for the user to maintain a high level of precaution when it comes to ensuring the security of their data and privacy. Security experts insist that it is crucial to carefully review app permissions before granting them access to users' devices. Users should always disable location services whenever possible—concerned, however, that some applications may not be able to operate properly without them should turn off geotagging for photographs when not required. 

There can be many sensitive information contained in location and geotagging information. It is likely that marketers, and potentially malign actors, will analyze this information to develop a comprehensive profile of each individual's movements and habits based on the information they gathered. To protect the phone's privacy, users must not underestimate the implications of such access. There is expert advice that users should revoke permissions for apps that appear too restrictive on the app's functionality for their utility. 

The best course of action is to uninstall an application if it is unable to customize permissions and poses privacy concerns to users without having the ability to customize them. Research on highly secure messaging applications designed for both iPhone and Android platforms could benefit those looking to enhance the level of security in their communication. As the world of communication becomes increasingly interconnected, these apps cater to users' needs in terms of privacy and data encryption.
Read more »
Technology
Encryption Google Oxford University Quantum computing Technology

Google's Quantum Computing Leap: Introducing the "Willow" Chip

 



Google has made a significant stride in quantum computing with the announcement of its latest chip, named "Willow." According to Google, this advanced chip can solve problems in just five minutes that would take the most powerful supercomputers on Earth an astonishing 10 septillion years to complete. This breakthrough underscores the immense potential of quantum computing, a field that seeks to harness the mysterious and powerful principles of quantum mechanics.

What is Quantum Computing?

Quantum computing represents a revolutionary leap in technology, distinct from traditional computing. While classical computers use "bits" to represent either 0 or 1, quantum computers use "qubits," which can represent multiple states simultaneously. This phenomenon, known as superposition, arises from quantum mechanics—a branch of physics studying the behavior of particles at extremely small scales. These principles allow quantum computers to process massive amounts of information simultaneously, solving problems that are far beyond the reach of even the most advanced classical computers.

Key Achievements of Willow

Google's Willow chip has tackled one of the most significant challenges in quantum computing: error rates. Typically, increasing the number of qubits in a quantum system leads to higher chances of errors, making it difficult to scale up quantum computers. However, Willow has achieved a reduction in error rates across the entire system, even as the number of qubits increases. This makes it a more efficient and reliable product than earlier models.

That said, Google acknowledges that Willow remains an experimental device. Scalable quantum computers capable of solving problems far beyond the reach of current supercomputers are likely years away, requiring many additional advancements.

Applications and Risks of Quantum Computing

Quantum computers hold the promise of solving problems that are impossible for classical computers, such as:

  • Designing better medicines and more efficient batteries.
  • Optimizing energy systems for greater efficiency.
  • Simulating complex systems, like nuclear fusion reactions, to accelerate clean energy development.

However, this power also comes with risks. For example, quantum computers could potentially "break" existing encryption methods, jeopardizing sensitive information. In response, companies like Apple are already developing "quantum-proof" encryption to counter future threats.

Global Efforts in Quantum Computing

Google's Willow chip was developed in a cutting-edge facility in California, but the race for quantum supremacy is global:

  • The UK has established a National Quantum Computing Centre to support research and development.
  • Japan and researchers at Oxford University are exploring alternative methods, such as room-temperature quantum computing.

These international efforts reflect intense competition to lead this transformative technology.

A Step Towards the Future

Experts describe Willow as an important milestone rather than a definitive breakthrough. While it is a game-changing chip, challenges such as further reductions in error rates remain before quantum computers see widespread practical use. Nevertheless, Google’s advancements have brought the world closer to a future where quantum computing can revolutionize industries and solve some of humanity’s most complex challenges.

This remarkable progress highlights the vast potential of quantum computing while reminding us of the responsibility to use its power wisely.

Read more »
User Privacy
Google Mobile Security RCS Threat Landscape User Privacy

Here's Why You Need A New App After Google RCS Issue

 

Google Messages has suddenly gone haywire. After years of campaigning, the "seamless messaging" dream was finally realised, but it vanished as quickly as it arrived. Currently, the question is whether it has any prospect of ever returning. 

Like a slow-motion train crash, Google quickly appreciated Apple for its long-awaited adoption of RCS, but as soon as it went live, it was criticised for its awkward security flaw. Despite iMessage's constant praise of its end-to-end encryption, those green bubbles are still without it. 

Quick to react, Google and the GSMA said that end-to-end encryption for RCS is currently being developed. China comes along to ruin the fun, even though that might have won the day. Apple, Google, and other companies insist on end-to-end encryption since it appears that state-sponsored hackers have infiltrated US telco networks. 

Cross-platform RCS has suffered severely as a result of the FBI and CISA are now both cautioning the public to utilise encrypted platforms properly. There is no security when texting from an Android phone to an iPhone, as Samsung has warned customers. 

Google and the GSMA were quick to respond, promising that end-to-end encryption for RCS is in the works. But, although that might have won the day, China arrives to spoil the fun. It appears that state-sponsored hackers have broken into US telco networks, highlighting why Apple, Google, and others advocate for end-to-end encryption in the first place. With the FBI and CISA now warning citizens to use appropriately encrypted systems, cross-platform RCS has taken a significant knock. Even Samsung has advised consumers that texting from Android to iPhone is not secure. 

Apple has never denied that iMessage is only secure within its own walled garden. Google, not Apple, pushed for cross-platform RCS. When it finally arrived with iOS 18, Google sent out public messages about non-blurry images and other new capabilities, whereas Apple said little, if anything at all. 

So now it's up to Google Messages to pick up the pieces of this security catastrophe and figure out what to do next. How quickly can RCS be beefed up to meet the "responsible encryption" standard specified by the US government officials? Given the official warnings, how do Google and Apple encourage consumers to send basic RCS/SMS texts? How quickly will network confidence get better? 

However, with timing being everything, the ultimate impediment to that RCS train could be Apple's upcoming iPhone update—iOS 18.2. To everyone's surprise, the iMaker has chosen to provide all of its users—not just those in controlled Europe—the ability to choose their default apps. For the first time, choose an over-the-top service like WhatsApp or Signal as your primary call and message provider. 

The 2024 RCS dream has suffered a setback, though whether it has been buried beneath the waters remains to be seen. What is evident is that this benefits Meta, which owns the world's largest end-to-end encrypted messaging systems, WhatsApp and Facebook Messenger, even if they are not "responsibly" encrypted, as defined by the FBI, which requires authorised access to content when necessary. 

Google Messages customers who use that platform to text friends, family, and colleagues will now require a new app. If you don't already have WhatsApp, Messenger, or Signal, you should download them right now. WhatsApp is the clear winner, striking the ideal combination between security, functionality, and scalability. Many of the people you communicate with will already have the app installed.

In keeping with the security theme, you must take two steps to guarantee the integrity of end-to-end encryption. Start by correctly configuring WhatsApp (or a substitute). This includes passkeys when they are available and two-factor authentication. Second, make sure you avoid taking any chances when installing apps, downloading files, or clicking links. It's as if you haven't secured your stuff at all if an attacker uses malware to take over your phone or lures you into installing malicious software, regardless of the messenger you use. 

The irony for Google has continued with the announcement that Samsung is discontinuing RCS for millions of Galaxy users who are still using Samsung Messages and advising they migrate to Google Messages. The Galaxy maker told Verizon customers that "Samsung Messages will no longer support RCS after 1.6.2025." Switch to Google Messages to keep the more robust messaging you're accustomed to.”
Read more »
Technology
Cloud Cloud Data Google Google Cloud Location data Technology

User Tracking: Google to Store User Data for 180 Days

User Tracking: Google Announces to Store User Data for 180 Days

Google has made a major change in its user tracking, a big leap in privacy concerns for users. Google will stop the nosy cloud storage of data it gets from tracking user location in real time. 

The privacy change

Called Google Maps Timeline, from December, Google will save user location data for a maximum of 180 days. After the duration ends, the data will be erased from Google Cloud servers. 

The new policy means Google can only save a user’s movements and whereabouts for 6 months, the user has an option to store the data on a personal device, but the cloud data will be permanently deleted from Google servers.

The new privacy change is welcomed, smartphones can balance privacy and convenience in terms of data storage, but nothing is more important than location data

Users can change settings that suit them best, but the majority go with default settings. The problem here arises when Google uses user data for suggesting insights (based on anonymous location data), or improving Google services like ads products.

Why important 

The Google Maps Timeline feature addresses questions about data privacy and security. The good things include:

Better privacy: By restricting the storage timeline of location data on the cloud, Google can reduce data misuse. Limiting the storage duration means less historical data is exposed to threat actors if there's a breach.

More control to users: When users have the option to retain location data on their devices, it gives them ownership over their personal data. Users can choose whether to delete their location history or keep the data.

Accountability from Google: The move is a positive sign toward building transparency and trust, showing a commitment to user privacy. 

How will it impact users?

Services: Google features that use location history data for tailored suggestions might be impacted, and users may observe changes in correct location-based suggestions and targeted ads. 

The problem in data recovery: For users who like to store their data for a longer duration, the new move can be a problem. Users will have to self-back up data if they want to keep it for more than 180 days. 

Read more »
sensitive data exposure
Confidential Data Cyber Crime data security Data Theft Google Google Pixel Lawsuit sensitive data exposure

Google Sues Ex-Employee for Leaking Pixel Chip Trade Secrets Online

 


Google has filed a lawsuit against Harshit Roy, a former employee, accusing him of leaking sensitive information about the company's chip designs. The lawsuit, filed in a Texas federal court, alleges that Roy, who worked as an engineer at Google from 2020 to 2024, disclosed confidential details about Pixel processing chips on social media platforms, including X (formerly Twitter) and LinkedIn. 
 
According to the complaint, Roy captured internal documents containing proprietary chip specifications before resigning in February 2024. After leaving Google, he moved from Bangalore, India, to Austin, Texas, to pursue a doctoral program at the University of Texas. 
 

The lawsuit claims that Roy:   

 
- Shared these confidential documents publicly, violating his confidentiality agreement with Google.  
- Posted statements such as, “Don’t expect me to adhere to any confidentiality agreement,” and “Empires fall, and so will you,” along with images of internal documents.   
- Ignored multiple takedown requests from Google and continued posting proprietary information online.  
- Tagged competitors like Apple and Qualcomm in some of his posts, allegedly drawing attention to the leaked information. 
 
Google asserts that the leaked materials contained trade secrets critical to its operations. The disclosures reportedly led to media outlets publishing stories based on the leaked information, further exacerbating the breach. 
 
Jose Castaneda, a spokesperson for Google, emphasized the company's commitment to addressing the situation. “We discovered that this former employee unlawfully disclosed numerous confidential documents. We are pursuing legal action to address these unauthorized disclosures, as such behavior is completely unacceptable,” Castaneda stated. 
 

Google is seeking:   

 
  • Monetary damages to compensate for the breach.   
  • A court order to prevent Roy from further distributing or using the leaked information. 

As part of the legal proceedings, a judge issued a temporary restraining order on Wednesday, prohibiting Roy from sharing additional proprietary details. Google argues that such measures are necessary to:   
 
  • Protect its intellectual property.   
  • Maintain trust within its operations. 
 
This case highlights the ongoing challenges faced by companies in safeguarding trade secrets, especially in highly competitive industries like technology. As the legal battle unfolds, it is expected to shed light on the legal and ethical boundaries of confidentiality agreements and the potential consequences of breaching such agreements in the tech industry.
Read more »
Youtube
Amazon Audible ClearFake Cyber Security CyberCrime Cyberhackers CyberThreat Google Youtube

Amazon and Audible Face Scrutiny Amid Questionable Content Surge

 


The Amazon online book and podcast services, Amazon Music, and Audible have been inundated by bogus listings that attempt to trick customers into clicking on dubious "forex trading" sites, Telegram channels, and suspicious links claiming to offer pirated software for sale. It is becoming increasingly common to abuse Spotify playlists and podcasts to promote pirated software, cheat codes for video games, spam links, and "warez" websites. 

To spam Spotify web player results into search engines such as Google, threat actors can inject targeted keywords and links in the description and title of playlists and podcasts to boost SEO for their dubious online properties. In these listings, there are playlist names, podcast description titles, and bogus "episodes," which encourage listeners to visit external links that link to places that might cause a security breach. 

A significant number of threat actors exploit Google's Looker Studio (formerly Google Data Studio) to boost the search engine ranking of their illicit websites that promote spam, torrents, and pirated content by manipulating search engine rankings. According to BleepingComputer, one of the methods used in the SEO poisoning attack is Google's datastudio.google.com subdomain, which appears to lend credibility to the malicious website. 

Aside from mass email spam campaigns, spammers are also using Audible podcasts as another means to spread the word about their illicit activities. Spam can be sent to any digital platform that is open to the public, and no digital platform is immune to that. In cases such as those involving Spotify or Amazon, there is an interesting aspect that is, one would instinctively assume that the overhead associated with podcasting and digital music distribution would deter spammers, who would otherwise have to turn to low-hanging fruit, like writing spammy posts to social media or uploading videos that have inaccurate descriptions on YouTube. 

The most recent instance of this was a Spotify playlist entitled "Sony Vegas Pro 13 Crack...", which seemed to drive traffic to several "free" software sites listed in the title and description of the playlist. Karol Paciorek, a cybersecurity enthusiast who spotted the playlist, said, "Cybercriminals exploit Spotify for malware distribution because Spotify has become a prominent tool for distributing malware. Why? Because Spotify's tracks and pages are easily indexed by search engines, making it a popular location for creating malicious links.". 

The newest business intelligence tool from Google, Looker Studio (formerly, Google Data Studio) is a web-based tool that allows users to make use of data to create customizable reports and dashboards allowing them to visualize and analyze their data. A Data Studio application can, and has been used in the past, to track and visualize the download counts of open source packages over some time, such as four weeks, for a given period. There are many legitimate business cases for Looker Studio, but like any other web service, it may be misused by malicious actors looking to host questionable content on illegal domains or manipulate search engine results for illicit URLs. 

Recent SEO poisoning campaigns have been seen targeting keywords related to the U.S. midterm election, as well as pushing malicious Zoom, TeamViewer, and Visual Studio installers to targeted sites.  In advance of this article's publication, BleepingComputer has reached out to Google to better understand the strategy Google plans to implement in the future.

Firstory is a new service launched in 2019 that enables podcasters to distribute their shows across the globe, and even connect with audiences, thereby empowering them to enjoy their voice! Firstory is open to publishing podcasts on Spotify, but it acknowledges that spam is an ongoing issue that it is increasingly trying to address, as it focuses on curtailing it as much as possible. 

Spam accounts and misleading content remain persistent challenges for digital platforms, according to Stanley Yu, co-founder of Firstory, in a statement provided to BleepingComputer. Yu emphasized that addressing these issues is an ongoing priority for the company. To tackle the growing threat of unauthorized and spammy content, Firstory has implemented a multifaceted approach. This includes active collaboration with major streaming platforms to detect and remove infringing material swiftly. 

The company has also developed and employed advanced technologies to scan podcast titles and show notes for specific keywords associated with spam, ensuring early identification and mitigation of potential violations. Furthermore, Firstory proactively monitors and blocks suspicious email addresses commonly used by malicious actors to infiltrate and disrupt digital ecosystems. By integrating technology-driven solutions with strategic partnerships, Firstory aims to set a higher standard for content integrity across platforms. 

The company’s commitment reflects a broader industry imperative to protect users and maintain trust in an ever-expanding digital landscape. As digital platforms evolve, sustained vigilance and innovation will be essential to counter emerging threats and foster a safer, more reliable online environment.
Read more »
Technology
Android Cyberattacks CyberCrime Cyberhackers Cybersecurity Cyberthreats Google GPS Technology

Improving GPS Technology with Insights from Android Phones

 


The effect of navigation apps drifting off course may be caused by a region 50-200 miles overhead called the ionosphere, which is a region of the Earth’s atmosphere that is responsible for such drifts. There are various levels of free electrons in this layer that, under certain conditions, can be extremely concentrated, thereby slowing down the processing of GPS signals when they are travelling between satellites and devices. 

A delay, like a delay that would occur from navigating through a crowded city street without being able to get to your place of work on time, is a major contributor to navigation system errors. As reported in Nature this week, a team of Google researchers demonstrated they had been able to use GPS signal measurements collected from millions of anonymous Android mobile devices to map the ionosphere by using GPS data from those devices. 

There are several reasons why a single mobile device signal cannot tell researchers so much about the ionosphere with only one device, but this problem is minimized when there are many other devices to compare with. Finally, the researchers have been able to use the vast network of Android phones to map out the ionosphere in an extremely precise way, matching or exceeding the accuracy of monitoring stations, using the huge network of Android phones. This technique was far more accurate in areas like India and Central Africa, compared to the accuracy of listening stations alone, where the Android technique was used. 

The total electron content (TEC) referred to as ionospheric traffic is a measure of the number of electrons in the ionosphere used within a cellular telephone network. Satellites and ground stations are used to measure this amount of electrons in the ionosphere. These detection tools are indeed effective, but they are also relatively expensive and difficult to build and maintain, which means that they are not used as commonly in developing regions of the world. 

The fact that monitoring stations are not accessible equally leads to disparities in the accuracy of the global ionospheric maps. However, Google researchers did not address one issue. They chose to use something that more than half of the world's population already possessed: mobile phones. In an interview with Popular Science, Google researcher Brian Williams discussed how changes in the ionosphere have been hindering GPS capabilities when working on Android products.

If the ionosphere were to change shortly, this may undermine GPS capabilities. Aside from contributing to scientific advances, he sees this project as an opportunity to improve accuracy and provide a more useful service to mobile device users regularly.  Rather than considering ionosphere interference with GPS positioning as an obstacle, the right thing to do is to flip the idea and imagine that GPS receiver is an instrument to measure the ionosphere, not as an obstacle," Williams commented.

The ionosphere can be seen in a completely different light by combining the measurements made by millions of phones, as compared to what would otherwise be possible." Thousands of Android phones, already known as 'distributed sensor networks', have become a part of the internet. GPS receivers are integrated into most smartphones to measure radio signals beamed from satellites orbiting approximately 1,200 miles above us in medium Earth orbit (MEO).

A receiver determines your location by calculating the distance from yourself to the satellite and then using the distance to locate you, with an accuracy of approximately 15 feet. The ionosphere acts as a barrier that prevents these signals from travelling normally through space until they reach the Earth. In terms of GPS accuracy errors, many factors contribute to the GPS measurement error, including variables like the season, time of day, and distance from the equator, all of which can affect the quality of the GPS measurement. 

There is usually a correctional model built into most phone receivers that can be used to reduce the estimated error by around half, usually because these receivers provide a correctional model.  Google researchers wanted to see if measurements taken from receivers that are built into Android smartphones could replicate the ionosphere mapping process that takes place in more advanced monitoring stations by combining measurements taken directly from the phone. 

There is no doubt that monitoring stations have a clear advantage over mobile phones in terms of value per pound. The first difference between mobile phones and cellular phones is that cellular phones have much larger antennas. Also, the fact that they sit under clear open skies makes them a much better choice than mobile phones, which are often obscured by urban buildings or the pockets of the user's jeans.

In addition, every single phone has a customized measurement bias that can be off by several microseconds depending on the phone. Even so, there is no denying the fact that the sheer number of phones makes up for what they are lacking in individual complexity.  As well as these very immediate benefits, the Android ionosphere maps are also able to provide other less immediate benefits. According to the researchers, analyzing Android receiving measurements revealed that they could detect a signal of electromagnetic activity that matched a pair of powerful solar storms that had occurred earlier this year. 

According to the researchers, one storm occurred in North America between May 10 and 11, 2024. During the time of the peak activity, the ionosphere of that area was measured by smartphones and it showed a clear spike in activity followed by a quick depletion once again. The study highlights that while monitoring stations detected the storm, phone-based measurements of the ionosphere in regions lacking such stations could provide critical insights into solar storms and geomagnetic activity that might otherwise go unnoticed. This additional data offers a valuable opportunity for scientists to enhance their understanding of these atmospheric phenomena and improve preparation and response strategies for potentially hazardous events.

According to Williams, the ionosphere maps generated using phone-based measurements reveal dynamics in certain locations with a level of detail previously unattainable. This advanced perspective could significantly aid scientific efforts to understand the impact of geomagnetic storms on the ionosphere. By integrating data from mobile devices, researchers can bridge gaps left by traditional monitoring methods, offering a more comprehensive understanding of the ionosphere’s behaviour. This approach not only paves the way for advancements in atmospheric science but also strengthens humanity’s ability to anticipate and mitigate the effects of geomagnetic disturbances, fostering greater resilience against these natural occurrences.
Read more »
Safari
Browser Cyber Fraud Google link Safari

Browser Warning: Fake Websites Steal Millions from Users

 



Cyber scammers give new warnings as they do not stop scamming unsuspecting web shoppers through a new phishing campaign posing to be online stores. Many of these fake stores Google has removed from its search results, but links remain on social media and other sites, hence why all internet users need to know how to spot these dangerous sites.


How the Scam Works

In its latest research, Human Security's Satori team has found that cyber thieves are taking advantage of a method that leads internet users from legitimate online platforms to fake online shopping. The attackers inject a malicious program that creates fake product listings in genuine websites. This tactic pushes these fake listings up to the top rank of the search results; hence, users who click on such pages are attracted by what seems to be a good deal. When you click on such links, you are redirected to a phishing site by a malicious person who actually controls the site.

On such rogue sites, they will force you to pay using the actual service providers that have a history of legitimacy, therefore giving you more confidence. After you pay, you never receive the product and lose your cash. Maybe some consumers have effectively filed a credit card chargeback, but recovery is not always possible.


A Massive Phishing Campaign

According to the latest research, the cybercrooks have managed to compromise more than 1,000 websites to spread false business proposals. The thieves had established 121 fake online shops, where the amount of dollars in money lost by hundreds of thousands of gullible people was going into millions. According to Human Security, hundreds of thousands of people have been duped by these cheats.

Be Alert with These False Sites Signs

The victim will not get caught again if he can see the following signs:

- Deals That Seem Too Good to Be True: Something that you bought a little below its selling price is a red flag. Confirm if the website is legit before you go further.

- Inconsistent Website Names: Sometimes, the domain name, popup titles, and payment processing pages can have different names. Fake sites often have inconsistent names in these details.

- Order Process Quality: Be cautious when the ordering process appears suspicious or lacks most normal security measures, such as autofill with an address.

- Check Reviews: Look for reviews of the website from outside sources. Recognize that some reviews are completely false. Some review sites are much better about guaranteeing legitimacy.


This phishing scam, they have called "Phish 'n' Ships." This campaign effectively makes use of search engine optimization tricks to push these phony listings up as top results, giving them a spurious sense of legitimacy to unsuspecting users. In spite of these having been largely removed by Google, the criminals' strategies are changing day by day.


Continued Threat Against Browser Users

These attacks are highly likely to be affected in all major web browsers, but researchers warn that "Phish 'n' Ships" has not been suppressed, because it remains active.

Even though Google succeeded in taking down some of its parts partially, criminals will most likely change their attack in order to continue scamming further.

Meanwhile, Malwarebytes has detected another threat in Bing search results. Cybercrooks have misused the terms "Keybank login" and other similar ones to reroute innocent surfers fraudulently to phishing sites aimed at stealing banking credentials. Sometimes, even the top result of the search is a malicious link.


Security Tips for Ad Campaigns

Before launching online ads, organisations should make sure that the advertising associates they hire are well-equipped to handle malvertising. Key best practices for this include ad monitoring for threats, latent "cloaked" malicious scanning and processes in place in case of attacks.

By being vigilant and checking websites, users can avoid becoming a victim of these very sophisticated scams.



Read more »
Technology
Algorithm Filter Bubble Google Internet SEO Technology

Behind the Search Bar: How Google Algorithm Shapes Our Perspectives

Behind the Search Bar: How Google Shapes Our Perspectives

Search engines like Google have become the gateway to information. We rely on them for everything from trivial facts to critical news updates. However, what if these seemingly neutral tools were subtly shaping the way we perceive the world? According to the BBC article "The 'bias machine': How Google tells you what you want to hear," there's more to Google's search results than meets the eye.

The Power of Algorithms

At the heart of Google's search engine lies an intricate web of algorithms designed to deliver the most relevant results based on a user's query. These algorithms analyze a myriad of factors, including keywords, website popularity, and user behaviour. The goal is to present the most pertinent information quickly. However, these algorithms are not free from bias.

One key concern is the called "filter bubble" phenomenon. This term, coined by internet activist Eli Pariser, describes a situation where algorithms selectively guess what information a user would like to see based on their past behaviour. This means that users are often presented with search results that reinforce their existing beliefs, creating a feedback loop of confirmation bias.

Confirmation Bias in Action

Imagine two individuals with opposing views on climate change. If both search "climate change" on Google, they might receive drastically different results tailored to their browsing history and past preferences. The climate change skeptic might see articles questioning the validity of climate science, while the believer might be shown content supporting the consensus on global warming. This personalization of search results can deepen existing divides, making it harder for individuals to encounter and consider alternative viewpoints.

How Does It Affect People at Large?

The implications of this bias extend far beyond individual search results. In a society increasingly polarized by political, social, and cultural issues, the reinforcement of biases can contribute to echo chambers where divergent views are rarely encountered or considered. This can lead to a more fragmented and less informed public.

Moreover, the power of search engines to influence opinions has not gone unnoticed by those in positions of power. Political campaigns, advertisers, and interest groups have all sought to exploit these biases to sway public opinion. By strategically optimizing content for search algorithms, they can ensure their messages reach the most receptive audiences, further entrenching bias.

How to Address the Bias?

While search engine bias might seem like an inescapable feature of modern life, users do have some agency. Awareness is the first step. Users can take steps to diversify their information sources. Instead of relying solely on Google, consider using multiple search engines, and news aggregators, and visiting various websites directly. This can help break the filter bubble and expose individuals to a wider range of perspectives.

Read more »
Google Updates
Ad Blockers API Chrome Extensions Cyber Security Google Google Chrome Google Chrome security Google Updates

The Impact of Google’s Manifest V3 on Chrome Extensions

 

Google’s Manifest V3 rules have generated a lot of discussion, primarily because users fear it will make ad blockers, such as Ublock Origin, obsolete. This concern stems from the fact that Ublock Origin is heavily used and has been affected by these changes. However, it’s crucial to understand that these new rules don’t outright disable ad blockers, though they may impact some functionality. The purpose of Manifest V3 is to enhance the security and privacy of Chrome extensions. A significant part of this is limiting remote code execution within extensions, a measure meant to prevent malicious activities that could lead to data breaches. 

This stems from incidents like DataSpii, where extensions harvested sensitive user data including tax returns and financial information. Google’s Manifest V3 aims to prevent such vulnerabilities by introducing stricter regulations on the code that can be used within extensions. For developers, this means adapting to new APIs, notably the WebRequest API, which has been altered to restrict certain network activities that extensions used to perform. While these changes are designed to increase user security, they require extension developers to modify how their tools work. Ad blockers like Ublock Origin can still function, but some users may need to manually enable or adjust settings to get them working effectively under Manifest V3. 

Although many users believe that the update is intended to undermine ad blockers—especially since Google’s main revenue comes from ads—the truth is more nuanced. Google maintains that the changes are intended to bolster security, though skepticism remains high. Users are still able to use ad blockers such as Ublock Origin or switch to alternatives like Ublock Lite, which complies with the new regulations. Additionally, users can choose other browsers like Firefox that do not have the same restrictions and can still run extensions under their older, more flexible frameworks. While Manifest V3 introduces hurdles, it doesn’t spell the end for ad blockers. The changes force developers to ensure that their tools follow stricter security protocols, but this could ultimately lead to safer browsing experiences. 

If some extensions stop working, alternatives or updates are available to address the gaps. For now, users can continue to enjoy ad-free browsing with the right tools and settings, though they should remain vigilant in managing and updating their extensions. To further protect themselves, users are advised to explore additional options such as using privacy-focused extensions like Privacy Badger or Ghostery. For more tech-savvy individuals, setting up hardware-based ad-blocking solutions like Pi-Hole can offer more comprehensive protection. A virtual private network (VPN) with built-in ad-blocking capabilities is another effective solution. Ultimately, while Manifest V3 may introduce limitations, it’s far from the end of ad-blocking extensions. 

Developers are adapting, and users still have a variety of tools to block intrusive ads and enhance their browsing experience. Keeping ad blockers up to date and understanding how to manage extensions is key to ensuring a smooth transition into Google’s new extension framework.
Read more »
Technology
Artificial Intelligence CyberCrime Cyberscams CyberThreat Gmail-Accounts Google Google Business Service Technology

AI-Powered Hack Poses Threat to Billions of Gmail Accounts

 


Currently, there is a cyberattack powered by artificial intelligence that targets Gmail's huge network of 2.5 billion users, which is currently making waves. As a way of tricking people into sharing sensitive information, hackers use advanced techniques, including realistic artificial intelligence-generated scam calls posing as Google Support and impersonating the company's representatives. It has been reported that a new and sophisticated scam has been targeting Gmail users, intending to steal personal information by tricking users into approving fake account recovery requests by posing as Gmail employees. 

A technology consultant and blogger, Sam Mitrovic, shared a detailed blog post detailing his experience with the scam, which emphasized how easy it would be for users to fall victim to this AI-based deception based on clever deception techniques. It begins with an unexpected email or text message telling users that an automated recovery request has been sent to their Gmail account, and they will be asked to agree to it. 

As Mitrovic's case illustrates, the majority of recovery requests come from other countries, such as the United States in Mitrovic's case. It's still not over for Mitrovic though, because about 40 minutes after declining the request, the scammers make their second move-a phone call from what appears to be an official Google number that they pretend to be. The email message appears highly authentic since it uses personal information such as names, addresses, or past communications to convey a strong sense of authenticity. They use several methods to trick users into clicking on malicious links or providing sensitive information, such as login credentials, payment information, and other sensitive information to the attackers. 

A Microsoft solution consultant Sam Mitrovic recently posted an article in his blog about his personal experience with this alarming trend as he highlighted to his readers how difficult it can be to identify these scams. The first notification Mitrovic received from a phishing scam asked him to approve a recovery attempt for a Gmail account. This was a classic phishing attempt aimed at stealing login credentials from Mitrovic. He wisely ignored the alert, knowing that there was a potential danger involved. 

As a result, the attackers were persistent and didn't let up; not long after getting the notification, he got a new notification informing him that he had missed a call from "Google Sydney." The following week, he received the same notification, along with a phone call from the same number. It was the second time he had picked up the phone. Mitrovic said that the American voice on the other end of the line informed him that something suspicious had happened with his Google account a week ago, and someone had accessed it during that period. Apparently, the Google employee, who offered to send an email outlining what happened, did so promptly, and that message arrived from an official Google email address within a short period. 

A key point that Mitrovic stresses is the importance of being vigilant in preventing these scams from taking place. Users of Gmail are strongly advised to take precautionary measures in light of the increasing sophistication of AI-driven cyber threats. One critical recommendation is to avoid approving account recovery requests that were not personally initiated. 

If a recovery notification is received unexpectedly, it should not be approved, as this could be an indication that the account is being targeted for unauthorized access. In the case of phone calls purporting to be from Google, it is important to remain vigilant. Google rarely contacts users directly unless they are engaging with Google Business services. 

Should a call be received claiming to be from Google, it is recommended to immediately hang up and verify the phone number independently before continuing any interaction. Users should also pay close attention to email addresses in communications that appear to be from Google. Spoofed emails may seem legitimate, but careful inspection of details such as the “To” field or the domain name can reveal whether the email is fake. It is advisable to regularly review the security settings of one's Gmail account and examine recent security activity for unfamiliar logins or suspicious behaviour. This can be done by navigating to the “Security” tab within Gmail account settings, where recent login activity and security alerts are displayed. 

For more technologically inclined users, examining the original email headers can provide valuable insights into whether the email was sent from a legitimate Google server. This level of scrutiny can help identify phishing or spoofing attempts with greater accuracy. By following these steps, Gmail users can enhance their security posture and better protect themselves from AI-based scams. The key takeaway is to exercise caution and thoroughly verify any unusual activity or communications related to their accounts. 

The rise of AI-powered hacking techniques poses a significant threat to the security of Gmail users worldwide. As these sophisticated scams become more prevalent and harder to detect, users need to remain vigilant and proactive in protecting their accounts. By carefully reviewing recovery requests, verifying any communication claiming to be from Google, and regularly monitoring account security settings, users can minimize the risk of falling victim to these advanced cyberattacks. Staying informed and exercising caution is critical in safeguarding personal information and maintaining the integrity of online accounts amidst this evolving threat landscape.
Read more »
Scams
Cyber Crime Cyber crimes DNS fraudulent activities Google Scams

New Coalition to Take Down Online Scams, Led by Google

 




As cybercrime continues to cost the world economy billions annually, a robust new coalition launched by Google, the DNS Research Federation, and the Global Anti-Scam Alliance (GASA) is working to disrupt online scammers at a global level. By all accounts, this partnership constitutes a "game changer." The United Coalition focuses on revealing and thwarting fraudulent activity online.

Online Scam Fighting via the Global Signal Exchange

The coalition will be launching a data platform called Global Signal Exchange, which will 24/7 scan open cyberspaces for signs of fraudulent activity and issue alerts. For a platform, it will leverage the DNS Research Federation's DAP.live: an aggregation platform that consolidates feeds from over 100 sources to spot potential scams. Google enhances these efforts while providing relevant feeds from DAP.live that should provide an even more comprehensive view of online fraud as it begins to take shape.

A Growing Threat in the Digital Age

Some scams are becoming almost too clever nowadays, to the extent that an estimated $8.6 billion is lost worldwide due to such scams each year, with few cases going to convictions. In the UK alone, each person is targeted nearly 240 times a year by a scammer via emails or texts from fake legitimate businesses or offices asking them for personal information, such as bank or credit card details.

Britain estimates the average loss per person due to scams is £1,169. Overall, 11% of adults admit that they have fallen for online fraud. More alarming is the economic loss in the proportion of older adults, which indicates people aged 55 and above lose an average amount of £2,151. Those between 36 and 54 lose about £1,270, while those less than 35 years old lose about £851.

The Call for International Cooperation

Another challenge while combating online scams is that many of the criminal organisations behind these scams are operating from abroad, often from such countries as Russia and North Korea. This international nature makes it even more difficult for local authorities to keep an eye on and legally prosecute them. The coalition aims to balance this gap by sharing scam information in real time, thereby creating a chance to respond quickly to new emerging threats. This collaborative approach will serve crucially because cybercriminals often operate in groups and have done all of this work so fast, which has made it really hard to fight scams alone by any single organisation.

Scammers collaborate, they pool and they act fast. The days when individual brands could combat cybercrime on their own are gone. Global Signal Exchange usher in a new chapter in the battle against cybercrime, and Google's partnership promises to be the game-changer," said Emily Taylor, Chief Executive of DNS Research Federation.

Scammers Use All Too Familiar Brand Names Trapping Victims

The research carried out by the coalition indicates that fraudsters make use of the identity of conspicuous brands to acquire victims. Some of the very popular brands currently being used in scams are: home delivery and courier services; financial services, including banks, insurance, and loan companies; companies in the Technology, Media, and Telecoms sector; many public sector organisations, including HMRC and local councils; and, in a few instances, prominent charities.

According to DNS Research Federation, the volume of scams seems to peak each year in November during the Black Friday promotions and associated online shopping. Much of such activity is occurring because of heightened online activity. Thus, proper defences are quite essential when activity reaches such peak levels.

An alliance towards consumers' protection around the world

The Global Anti-Scam Alliance was established in 2021 to create a network of businesses that stand together to protect consumers online from fraud. GASA, in partnership with Google and the DNS Research Federation, will decrease the profitability of scams in order to make them less appealing to cybercriminals.

As threats in cyber continue to grow and seemingly intensify, this alliance will very largely form a critical element in the protection of users internationally. The Global Signal Exchange represents a major leap forward in efforts on anti-scam activities as it promises that consumers will be better protected from online fraud, and are able to navigate an increasingly complex digital environment more securely.


Read more »
Zero Day
Amnesty International Android Google Qualcomm Vulnerabilities and Exploits Zero Day

Millions of Android Devices at Risk, New Chip Bug Exploited in Targeted Attacks

 



Overview of the Exploit

Hackers recently leveraged a serious security weakness, said to be a "zero-day," that exists within the Qualcomm chipsets used in many popular Android devices. Qualcomm confirmed that at the time they were first exploited by hackers, they were unaware of the bug, which was tracked under CVE-2024-43047. This flaw actually existed in real-world cyberattacks where it could have impacted millions of Android users globally.

Vulnerability Details

This zero-day flaw was uncovered in 64 different Qualcomm chipsets, including the highly sought-after flagship Snapdragon 8 (Gen 1), a chipset used by many Android devices from reputable brands such as Motorola, Samsung, OnePlus, Oppo, Xiaomi, and ZTE. In their advisory, Qualcomm states that attackers have been able to exploit the flaw, but the company does not elaborate on who the attackers are or what their motive might be or who they specifically targeted. In light of both Google's Threat Analysis Group (TAG) and the Amnesty International Security Lab investigating the incidents, Qualcomm believes these instances constitute "limited, targeted exploitation," rather than widespread attacks.

Response to Attack

The vulnerability was apparently noticed by the CISA US, who have listed it on their known exploited vulnerabilities list. Qualcomm has issued appreciation to Google Project Zero and Amnesty International's Security Lab for coordinated disclosure of this vulnerability. Through such coordination, Qualcomm has been able to develop its fixes starting from September 2024 that it has since issued to customers, which includes Android device manufacturers operating its own chipsets.

Patch Distribution and User Security

So far, patch development is the task of Android device manufacturers. As Qualcomm has publicly released the fix, users need to ensure that their devices are up to date with respect to security patches from their device manufacturer.

Investigation Continues

The broader investigation into the hack is still going on with Google and Amnesty International digging deeper into the details of the targeted attack. Google TAG didn't have anything further to say, but an Amnesty spokesperson confirmed that it would soon publish more research findings on this vulnerability.

The necessity for security research and collaboration from technology entities and organisations to prevent new threats from happening is highlighted in this case. Android users of devices that use Qualcomm should thus remain vigilant and roll out whichever system updates for now.


Read more »
Subscribe to: Posts (Atom)