Khaberni - Cybersecurity experts have warned Gmail users of a new online scam that exploits a recently launched Google feature that lets users replace their email address while keeping the old address as an alias.
This feature, which was introduced earlier this month, aims to help users update their old addresses without losing messages or prior data. However, cybercriminals quickly exploited this by sending fake emails that deceive users into thinking there are security changes on their accounts.
These messages often claim the need to change the Gmail address or confirm login details, and they seem convincing because they are sent from addresses resembling Google's official ones, such as: [email protected].
Victims are asked to click on links to verify their accounts or confirm a new address, but these links actually lead to fake sites hosted on sites.google.com, designed to mimic Google's login pages.
If the attack succeeds, scammers can take control of the user's account and access all Google services linked to it, including "Drive," "Google Photos," and "Calendar," as well as accounts that rely on Google's login service.
On the other hand, Google confirms that using the new feature does not lead to the loss of messages or files, as the inbox and stored content remain intact, alongside backup data, purchase history, and subscriptions.
In this context, tech expert Kurt Knutsson said on "Fox News" that the update affects approximately two billion active users and especially serves those who want to abandon old addresses associated with earlier stages of their professional or personal lives.
Cybersecurity experts warned that phishing messages, despite their sophistication, still carry clear indicators, most notably the use of a generic greeting like "Dear customer," or resorting to threatening language that pushes the user to make a quick decision without verification.
They also warned of messages that ask users to enter passwords or sensitive information through external links, as these often lead to fake pages aimed at stealing login data.
Google advises users not to interact with these messages and to verify any security alerts directly by logging into their accounts, where they can see details of the device, time, and geographic location of access attempts.
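
The indicators described above (generic greeting, pressure language, a credential request behind a link, and a link to a page hosted on sites.google.com) can be checked mechanically when triaging reported mail. The following is an added example, not code from Google or from the article; the phrase lists and the sign-in host allowlist are assumptions, and the sample message is constructed.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed phrase lists for illustration; tune them against real reported mail.
GENERIC_GREETING = re.compile(r"\bdear\s+(customer|user|account holder)\b", re.I)
URGENCY = re.compile(r"\b(immediately|within \d+ hours?|will be (suspended|closed|deleted))\b", re.I)
CREDENTIAL_ASK = re.compile(r"\b(verify|confirm)\b.{0,40}\b(account|address|password|login)\b", re.I | re.S)
# sites.google.com serves user-built pages; Google sign-in lives on accounts.google.com.
USER_CONTENT_HOSTS = {"sites.google.com"}
SIGN_IN_HOSTS = {"accounts.google.com", "myaccount.google.com"}  # assumed allowlist

class LinkCollector(HTMLParser):
    """Collects href targets and the visible text of an HTML mail body."""
    def __init__(self):
        super().__init__()
        self.hrefs, self.text = [], []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

    def handle_data(self, data):
        self.text.append(data)

def phishing_indicators(body_html):
    """Return the set of indicator names found in one message body."""
    parser = LinkCollector()
    parser.feed(body_html)
    text = " ".join(" ".join(parser.text).split())  # collapse whitespace
    # urlsplit().hostname is lowercased; None means no host (mailto:, relative link).
    hosts = {urlsplit(h).hostname for h in parser.hrefs} - {None}
    found = set()
    if GENERIC_GREETING.search(text):
        found.add("generic_greeting")
    if URGENCY.search(text):
        found.add("urgent_or_threatening_language")
    if CREDENTIAL_ASK.search(text) and hosts - SIGN_IN_HOSTS:
        found.add("credential_request_via_external_link")
    if hosts & USER_CONTENT_HOSTS:
        found.add("link_to_user_hosted_google_site")
    return found

# Constructed sample message, not a captured phish.
SAMPLE = """<p>Dear customer,</p>
<p>Your Gmail address change is pending. Confirm your new address
immediately or your account will be suspended.</p>
<a href="https://sites.google.com/view/example-placeholder">Verify account</a>"""

print(sorted(phishing_indicators(SAMPLE)))
```

A link to sites.google.com is not malicious by itself; the signal is that host combined with a request to verify an account or confirm login details.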

