
Gmail and Outlook users issued urgent warning over new login attack

Cyber fraudsters have their eyes set on Gmail and Outlook accounts (Picture: NurPhoto/Getty Images)

Hackers are now targeting Gmail and Outlook accounts with an attack that can bypass even extra security layers.

Most of us check our emails regularly without paying much attention to them, so it is all too easy to forget that they can be a convenient entry point for cybercriminals.

Now, a new sophisticated phishing attack that can even work around two-factor authentication (2FA) has been revealed by security experts, with Gmail, Yahoo and Microsoft accounts at particular risk.

Astaroth, the ominously named tool, can get around two-factor authentication through ‘session hijacking and real-time credential interception,’ SlashNext discovered.

Even two-step authentication has nothing on the new phishing tool, Astaroth, that is being sold for £1,580 on the dark web (Picture: Getty Images)

Here is how it works, so you can avoid falling victim to the latest phishing attack as new tools are developed.

How the Gmail and Outlook cyber attack works

With the new attack, hackers will first send a link to email users.

It will then redirect them to a malicious server where a fake sign-in page will appear.

What the oblivious email users will see when logging in using the malicious link (Picture: SlashNext)

To make matters worse, the fake page does not activate security warnings on the device.

The phishing tool then acts as a malicious middleman between the user and the legitimate website. When the unaware victim enters their login credentials, it captures sensitive data such as the username, password and IP address before forwarding them to the legitimate website's server.

These details ‘allow attackers to replicate the victim’s session environment and reduce detection risks during login,’ SlashNext experts said.

Gmail and Outlook users will see a seemingly legitimate window asking them to use two-step verification (Picture: SlashNext)

Can two-step authentication stop the attack?

Unfortunately, the phishing tool will automatically get hold of the 2FA token in real time, as it intercepts the details immediately when they are entered by the oblivious user.

This means that even text message verification codes, which appear stealthy, cannot protect against this type of attack.
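From the defender's side, the session hijacking described above can show up in a service's own logs as one session being presented from a network other than the one that signed in. The Python sketch below is an added example, not code from the article or from SlashNext; the event format, field names, sample events and the /24 and /48 grouping are all constructed assumptions.

```python
import ipaddress

# Constructed sample events, not taken from the article:
# (timestamp, session_id, event, client_ip, user_agent)
UA_WIN = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/132.0"
UA_MAC = "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3) Safari/605.1"
EVENTS = [
    ("2025-02-14T09:00:05Z", "sess-a1", "login", "203.0.113.10", UA_WIN),
    ("2025-02-14T09:00:09Z", "sess-a1", "request", "203.0.113.10", UA_WIN),
    # Same session and identical user agent, but a different network.
    ("2025-02-14T09:03:41Z", "sess-a1", "request", "198.51.100.77", UA_WIN),
    ("2025-02-14T09:10:00Z", "sess-b2", "login", "192.0.2.25", UA_MAC),
    # Address changed inside the same /24: treated as ordinary churn.
    ("2025-02-14T09:12:30Z", "sess-b2", "request", "192.0.2.99", UA_MAC),
]


def network_of(ip, v4_prefix=24, v6_prefix=48):
    """Group an address into a coarse network (prefix sizes are assumptions)."""
    addr = ipaddress.ip_address(ip)
    prefix = v4_prefix if addr.version == 4 else v6_prefix
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)


def find_session_reuse(events):
    """Flag requests that present a session from outside its login network."""
    origin = {}    # session_id -> (login network, login user agent)
    findings = []
    for ts, sid, kind, ip, ua in sorted(events):  # ISO timestamps sort in time order
        if kind == "login":
            origin[sid] = (network_of(ip), ua)
            continue
        if sid not in origin:
            continue  # login not in this log window; nothing to compare with
        net, login_ua = origin[sid]
        if ipaddress.ip_address(ip) not in net:
            findings.append({
                "session": sid, "time": ts, "ip": ip,
                "login_network": str(net),
                # A matching user agent is no reassurance: it can be copied.
                "ua_matches_login": ua == login_ua,
            })
    return findings


if __name__ == "__main__":
    for finding in find_session_reuse(EVENTS):
        print(finding)
```

Because the captured details let an attacker replicate the victim's session environment, the check keys on network origin and reports the user-agent match only as context.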

The hacker will get a notification when the login details and credentials have been entered (Picture: SlashNext)

Possibly thousands of miles away from the victim, the cybercriminal will be notified when the user enters their details ‘through a web panel interface and Telegram notifications.’

Astaroth is currently sold on dark web marketplaces, where fraudsters can buy it for around £1,580 ($2,000).

The brazen sellers are even promoting it on Telegram channels and cybercrime forums.

‘Unfortunately, the accessibility of these platforms, combined with the anonymity they offer, makes it quite difficult for law enforcement to track and disrupt its sales,’ the experts said.

It comes after another warning about a Gmail attack, which targets users with realistic-sounding AI calls telling them their account has been compromised.
