Android Police

Articles Tagged:

phishing

20

Phishing attacks taking advantage of automatic Google Calendar events

We've all received a spam email telling us we've won millions of dollars or need to reset our online banking password. Although these are widespread, most messaging platforms and even browsers have learned to recognize them for our protection. Because of this, attackers are finding more sophisticated means to be more attractive: Besides using Google Docs to trick users, scammers have turned to Google Calendar and are relying on its automatic event creation setting to take advantage of people.

Read More
41

New 'inception bar' phishing method spoofs Chrome's address bar when you scroll

A new type of potential phishing attack has been discovered by developer James Fisher. Called the "inception bar" by its creator. The attack allows for a site to spoof a URL in the mobile version of Chrome when scrolling, subsequently locking them into a false UI. In fact, the site detailing this newly-discovered flaw makes use of it, appearing to show an HSBC URL.

Read More
10

Google to block sign-in attempts from embedded Chrome pages

Most of us have way more usernames and passwords than we can remember. Thankfully, our browsers can store these for us, but using single sign-on is even more convenient, as it avoids creating credentials for each and every site we visit. The most popular one around is Google's solution, which lets you use your Gmail username and password to connect to any website that supports it. However, as the solution is widely used, some malicious sites embed login pages which can capture the user's credentials and even their 2FA token. To protect users from such attacks, Google is now blocking sign-in attempts from embedded pages.

Read More
52

Fake Google Wallet is being granted access to Google Accounts

Back in January, Google simplified its payment offering by merging Android Pay and Google Wallet into Google Pay. The new appellation made it simpler for users to manage their payments, thanks to a unified platform allowing them to pay with their phone, but also online using their browser. Despite this move, the defunct service seems to be coming back to life, in a rather intriguing manner. Indeed, several users have reported receiving notifications mentioning Google Wallet was granted access to their Google account.

Read More
77

Google bans 29 beauty camera apps from the Play Store that steal your photos

Security firm Trend Micro has discovered 29 malicious beauty camera apps that aim to phish user traffic and steal your photos. The apps have already been removed by Google from the Play Store, but only after accumulating millions of downloads.

Once installed, some of the apps would load up full-screen advertisements for fraudulent or pornographic content each time the device is unlocked, and some of the apps would forward users to phishing websites to steal their personal information.

Read More
19

Chrome will soon warn you if you visit a phishing site with a lookalike URL

Phishing attempts involve a lot of trickery. You think you got an email from your colleague at androidpolice.com when you really received it from someone at androidpollce.com. Or you mistype one letter in a URL and you're taken to a site that looks exactly the same, but isn't the one you wanted. One minute later you've entered your email, password, and maybe credit card on an unknown site and your details have been stolen for good. Even the best of us (and the most tech-savvy and aware) can miss a small letter change, so it only makes sense that there's a more automated and systematic check that could save us from these situations.

Read More
36

Google’s 89,000+ employees have had zero phishing incidents since switching to hardware security keys in 2017

Phishing attacks are deceptively successful against less experienced users, but even those that consider themselves reasonably technical can occasionally fall prey to the simple approach. According to a recent report by Krebs on Security, Google and its employees aren't among the 76% of businesses that have been victims of phishing attacks in the last year. In fact, not one of the company's employees work accounts has been successfully phished since 2017, thanks to hardware 2FA security keys.

Read More
9

Google implements further changes for developers to help protect user data

Earlier in the month, Google released an official statement on a particularly virulent phishing email imitating Google Docs that was doing the rounds. That same day, coincidentally or not, an update to the Gmail Android app added a special warning page that pops up every time a link in one of the suspect emails is clicked. Now, Google is implementing further changes to help prevent future scams of this type.

Read More
25

Google bakes phishing protection into the Gmail for Android app

Perhaps due to today's outbreak of a widespread phishing scam, or simply by coincidence, Google is rolling out enhanced anti-phishing security checks in Gmail for Android. When users tap on a suspicious link, the above warning will now appear.

Read More
38

Google releases official statement on widespread Google Docs phishing email

Phishing emails are annoying and potentially dangerous, but very rarely do we see one as nefarious as this. A specific email, shown above, has been making waves in the news and Google has released an official statement regarding it.

Read More