The new Gmail exploit might endanger your sensitive information following a recently discovered flaw in the app's authentication code.
Millions of users worldwide have been warned of this security issue, especially since it is linked to Facebook's logout.
New Google Gmail Vulnerability Might Exploit Users' Data
(Photo : Solen Feyissa from Unsplash)
A security expert has warned millions of users about the new Google Gmail exploit that could hijack their saved credentials on the websites.
According to a report by Forbes, Youssef Sammouda, a security researcher, said that the exploit lies in the authentication code of Google's free email service.
Interestingly, the flaw is connected to Facebook. As such, accounts linked that are used when signing up for Gmail could be affected by this security problem.
Sammouda added that the Google OAuth redirects are connected to FB's logout. Additionally, it's also linked to the sandbox systems.
For those unfamiliar with Google OAuth, it's a shortcut term for "Open Authorization" which several tech giants like Microsoft and Amazon have been implementing for the users.
For instance, this standard enables individuals to connect their accounts to third-party websites. In this context, you will be using the same username and password shared with the apps.
Moreover, Sammouda continued that the impact of this exploit could be more concerning. He cited that Facebook has granted him a "bug bounty" of $44,625 for this result.
Malwarebytes Labs, a known cybersecurity firm, has warned the users who have been using a linked account.
"Linked accounts were invented to make logging in easier. You can use one account to log in to other apps, sites, and services... All you need to do to access the account is confirm that the account is yours, " Malware Intelligence Researcher Pieter Arntz wrote.
He explained that they wouldn't recommend anyone rely on a sole password when logging in on several sites. It's because there's no assurance that your password will be compromised when you sign up.
Related Article: Latest Email Scam Targets Gmail, Outlook Users: How to Avoid this Vishing Attack?
How to Unlink Your Account
Forbes reports that people who want to unlink their account can do the following:
- First, go to Settings & Privacy.
- Then, access the Accounts Center button and head to Accounts & Profiles.
- Once you're done with this process, you're now good to unlink your account from Facebook.
In other news, Express says that there's a new scam email that is bugging the users in the UK.
The tech publication writes that scammers are tricking people into clicking an email containing a procedure on how to claim a rebate from the government, which amounts to hundreds of pounds.
The suspicious scheme suggests that all customers can only claim the rebate until June 1. For this part, you will be instructed to click a button that will direct you to a fake email.
Since the authorities found out about its existence, Action Fraud has released a warning to the users about this threat. The country's reporting center urged everyone to avoid clicking fake Ofgem emails.
Read Also: Google Chat Rolls Out New Security Features
This article is owned by Tech Times
Written by Joseph Henry
