Cyber Security Expert Exposes Tips to Avoid New Scam Targeting 1.8 Billion Gmail Users

New Phishing Tool Astaroth Targets 1.8 Billion Gmail Users—How to Stay Safe
[Image: Hacker using Astaroth to bypass security]

A cyber warfare expert warns that hackers are exploiting a sophisticated phishing tool, Astaroth, to steal login credentials, bypass two-factor authentication (2FA), and hijack accounts. Over 1.8 billion Gmail users are at risk, along with Yahoo, Outlook, and AOL accounts.

How Astaroth Works

Astaroth uses reverse proxy servers to trick users into entering their credentials on fake login pages that mimic legitimate browsers like Chrome or Edge. Unlike traditional phishing, Astaroth acts as a "middleman," intercepting usernames, passwords, 2FA codes, and session cookies in real time. This gives hackers persistent access even when 2FA is enabled.

[Image: Fake Gmail login page created by Astaroth]

Expert Advice: Avoid the Trap

James Knight, a cybersecurity expert with 25 years of experience, advises:

  • Enable spam filters to block phishing emails.
  • Avoid clicking suspicious links, even if they appear legitimate.
  • Verify login pages: “Just because it looks like Gmail doesn’t mean it is.”

Knight’s team tested Astaroth on clients to expose vulnerabilities. In one case, hackers impersonated a CEO via email, sending malicious requests to employees—a tactic he calls “deadly for companies.”

Why 2FA Isn’t Enough

While 2FA adds a security layer by sending codes to your phone or email, Astaroth steals these codes instantly. Hackers use session cookies to maintain access, bypassing future checks.

[Image: Diagram of reverse proxy attack]

Dark Web Availability

Astaroth sells for $2,000 on the dark web, including six months of updates via Telegram. These updates help hackers evade defenses from Google and Microsoft. While Microsoft has improved protections, Knight notes Google lags behind in tackling proxy-based attacks.

Who’s Vulnerable?

Services like Gmail, Yahoo, and Outlook are prime targets. The FBI reported 298,000 phishing complaints in 2023, making phishing the top cybercrime.

Protect Yourself

  • Use email spam filters.
  • Install anti-phishing software.
  • Manually type URLs instead of clicking links.
  • Monitor accounts for suspicious activity.
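
The advice to verify login pages and to type URLs rather than click links comes down to checking the real host of a link, since a proxied page can look identical to the genuine one. The following is an added example, not part of the original article: the function name, the allowlist of sign-in hosts and the sample links are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the exact sign-in hosts this user expects; adjust for your providers.
TRUSTED_LOGIN_HOSTS = {
    "accounts.google.com", "login.yahoo.com", "login.live.com", "login.aol.com",
}

def check_login_url(url):
    """Return (trusted, reason) for a link that claims to lead to a sign-in page."""
    try:
        parts = urlsplit(url.strip())
        port = parts.port                      # raises ValueError on a malformed port
    except ValueError:
        return False, "malformed URL"
    if parts.scheme != "https":
        return False, "not https"
    if parts.username is not None or parts.password is not None:
        return False, "userinfo before '@' hides the real host"
    host = (parts.hostname or "").rstrip(".")  # hostname is already lower-cased
    if not host:
        return False, "no host"
    if port not in (None, 443):
        return False, "unexpected port"
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return False, "internationalized host, possible lookalike"
    if host in TRUSTED_LOGIN_HOSTS:
        return True, "exact match with a trusted sign-in host"
    for good in sorted(TRUSTED_LOGIN_HOSTS):
        if good in host:
            return False, f"embeds {good} but the real host is {host}"
    return False, "host is not a known sign-in host"

# Constructed sample links (reserved .example domains), not taken from any real campaign.
SAMPLES = [
    "https://accounts.google.com/signin",
    "https://accounts.google.com.signin.example/ServiceLogin",
    "https://accounts.google.com@mail-check.example/",
    "https://accounts.g\u043e\u043egle.com/",     # Cyrillic 'o' characters
    "http://login.yahoo.com/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        trusted, reason = check_login_url(link)
        print(f"{'OK  ' if trusted else 'STOP'} {link!r}: {reason}")
```

Only an exact host match passes; a link that merely contains a familiar name somewhere in the address is rejected.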

[Image: FBI cybercrime statistics graphic]

Stay vigilant: Even advanced tools like 2FA can fail against evolving scams like Astaroth.
