Falling victim to an email scam is something that can happen to anyone. This scam is a frightening concept as it usually results in unavoidable panic. Also known as a phishing scam, an email scam involves using email and fake websites to steal sensitive information such as passwords, credit card numbers, account data, addresses, and more.
These days, cybercriminals have devised a method to steal email credentials that bypasses two-factor factor authentication security and doesn’t depend upon easy-to-spot phishing methods. To protect yourself from email password stealing scam you should have a security suite on your devices.
Security software has all the resources that help to keep up with new threats as they emerge. That is why you need Norton’s Security Premium on your devices, which provide a multi-layered defense to security.
In recent researches, it is found that this scam largely targets Gmail, Hotmail, and Yahoo mail users. This is the reason why everyone with an email account should be aware of how this scam works to avoid falling victim to this scam.
In what way this scam works?
Read Here >> How to tackle Webcam Hacking?
Cybercriminals need to know the email address and associated phone number of the user to initiate this scam, whether it is on Gmail, Yahoo or any other domain. With this information, an attacker can then get access to the password recovery feature that allows an email user to know the details of their account by a verification code sent to their mobile. In the following manner, a cybercriminal can gain access and take over an email account:
- An attacker obtains the victim’s email address and phone number, which is usually available.
- The attacker pretends to be a victim and requests a password reset from Google.
- Google sends the password reset code to the victim.
- The attacker then texts the victim with a message, asking them to share the verification code while posing as the email provider.
- The victim passes the verification code on to the “email provider” unknowingly giving crucial information to the attacker.
- The attacker uses the verification code to reset the password which lets him gain access to the email account.
With access to the victim’s account, an attacker could add an alternate email address to the account without the victim’s knowledge in order to forward copies of all messages sent to the address. Meanwhile, the victim would not know that their private messages are being used against him.
Preventive measure to avoid this scam
- Be aware of the suspicious text messages that ask about email verification codes.
- Contact the service provider directly if you are unsure about the legitimacy of the request.
- Remember to use a unique password across all your accounts, which is a good practice.