Google has issued an important security warning to its 2.5 billion Gmail users, urging them to update their passwords due to a spike in successful hacking efforts. The company is strongly recommending a two-step verification (2SV) and other protective measures to protect the accounts.
Shinoors are associated with high-profile cyber attack
The hacking group shinnhetors, who have been allegedly inspired by Pokémon franchise, have been active since 2020 and are tied with major data violations in companies such as AT&T, Microsoft, Santnder and Ticketmaster according to Silv.com.
These hackers often use fishing emails to cheat users to users visiting fake login pages or to reveal sensitive details such as 2SV code.
Possible data leakage risk
Although most of the compromised data in the incident were publicly available, Google said that this strategy could increase in more targeted and serious attacks.
In a June blog post, Google said, “We believe that the danger actors using the ‘Shinyhunters’ brand may be prepared to increase their forced recovery strategy by launching data leak site (DLS).”
Google informs users
On August 8, Google emailed all potentially affected users, allowing them to increase their account security.
Two-phase verification (2SV), also known as two-factor authentication (2FA) or multi-factor authentication (MFA), requires a secondary confirmation, such as the code sent to a reliable device before providing access to an account.
This ensures that even if hackers receive a password, they cannot log in without additional verification.
Expert advice to strengthen account safety
According to the Mirror US, the action fraud emphasized the importance of 2SV, stating, “secure your email account by enabling 2-phase verification (2SV). It can prevent criminals from entering your accounts, even if they have your password.”
The Stop Think Fraud Site also issued a similar advice. “Turning 2SV provides an additional level of protection to your most important accounts, especially your email. It can be turned on within a few minutes – time can be spent well to keep the fraud out.”
“2SV can usually be found in your account safety settings. Sometimes it is called 2-factor authentication (2FA) or multi-factor authentication (MFA). 2SV is available for most major online services, such as emails, banking and social media.”
