CyberNews Briefs

Cybercriminals Exploit Gmail Feature to Scale Up Attacks

According to new research by Agari, threat actors are currently taking advantage of a Gmail feature in a variety of scams, such as BEC scams, filing phony tax returns, submitting fraudulent applications for unemployment benefits and filing requests for other forms of government assistance, like FEMA disaster aid.

The exploited Gmail feature makes it possible to use dotted variations of a specific email address for the same account. For instance, emails being addressed to examplename@gmail.com; example.name@gmail.com and ex.ample.name@gmail.com will all be forwarded to the inbox of examplename@gmail.com. While the idea behind this feature is to prevent someone from mimicking another person’s username, cybercriminals are using it to manage large amounts of “dotted” email addresses, which can be used to create different user accounts on various websites, while still managing everything in the same inbox.

Read more: Cybercriminals Exploit Gmail Feature to Scale Up Attacks

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.