Russian hackers..

ZeeOSix

$100 site donor 2022
Joined
Jul 22, 2010
Messages
33,598
Location
PNW
Most likely a scam to download malware on your device.
 

JC1

Joined
Nov 29, 2008
Messages
6,703
Location
Oshawa, Ontario Canada
Yes click on it! lol They will send that to thousands of people... a few hundred will be dumb enough to click on it. Where I used to work, they would send out Phishing attempts. Use URLs like AMAZAN with misspelled info. The guy who was responsible for sending them out, said one employee kept clicking the link dozens of times. They probably wanted to see if they would get turfed or they were really stupid.
 

ZeeOSix

$100 site donor 2022
Joined
Jul 22, 2010
Messages
33,598
Location
PNW
The message says there was an "attempt" to log-in (and it was supposedly "blocked"), but also says a user "just signed in". There's a difference between attempt and actually signing in. If the account was actually blocked, then I'd think it would have to be reset by Google for the real user to then log-in to. But yeah, if you're worried then go change your password just in case.
 

Mad_Hatter

Thread starter
Joined
May 18, 2019
Messages
4,028
Location
WA
Originally Posted by ZeeOSix
Most likely a scam to download malware on your device.
I have two step login enabled on all my Google services so any attempt to log into my account would have generated a pop up on my mobile asking me to verify/confirm the login. Without confirmation you can not login to my account. This is how I know definitively it's a phishing attempt. There's more than likely malicious code embedded in the email "link" that installs a keylogger or Trojan of some kind. Next thing you know some goon in Moscow is capturing all your passwords to the websites you visit as well as any stored CC, personal identifying information you have on your mobile/web browser etc.
 

dishdude

$50 Site Donor 2022
Joined
Nov 14, 2008
Messages
13,549
Location
Phoenix
Originally Posted by incognito_2u
No, that's a legit Google warning. Change your password immediately! Nice and strong... Just saying!
It looks like a poorly done fake copy of a real Google warning. Everyone should have 2 factor authentication turned on for every account that offers it.
 
Joined
Jan 2, 2004
Messages
9,575
Location
California
Originally Posted by dishdude
Originally Posted by incognito_2u
No, that's a legit Google warning. Change your password immediately! Nice and strong... Just saying!
It looks like a poorly done fake copy of a real Google warning. Everyone should have 2 factor authentication turned on for every account that offers it.
++ Preferably with an authenticator app like Microsoft Authenticator or Google Smart Lock which will use the security processor within your phone's SoC (or the Secure Enclave in an iPhone 7 or higher), as it's easy to intercept SMS or fake them. Google sells the Titan security key which will work for 2FA within Google's suite of apps and many more that support FIDO. It uses Google's Titan M security processor, the same chip used on the Pixel phones. The Yubico keys are similar but FIDO compliant.
 
Joined
Apr 27, 2012
Messages
13,471
Location
MA
Originally Posted by Mad_Hatter
Next thing you know some goon in Moscow is capturing all your passwords to the websites you visit as well as any stored CC, personal identifying information you have on your mobile/web browser etc.
Naw, probably Iranian or North Korean. And they have fun by trying to put the blame on Russia. But it could really be anybody.
 

Mad_Hatter

Thread starter
Joined
May 18, 2019
Messages
4,028
Location
WA
Originally Posted by Wolf359
Originally Posted by Mad_Hatter
Next thing you know some goon in Moscow is capturing all your passwords to the websites you visit as well as any stored CC, personal identifying information you have on your mobile/web browser etc.
Naw, probably Iranian or North Korean. And they have fun by trying to put the blame on Russia. But it could really be anybody.
It came from a .ru domain so I'd say Russia is a good bet...but who knows for certain, I'm certainly not gonna risk finding out.
Originally Posted by dishdude
It looks like a poorly done fake copy of a real Google warning. Everyone should have 2 factor authentication turned on for every account that offers it.
Yeppers... I have it enabled on my FB and Twitter accounts as well. When I hear people mention that they've been "hacked", I'm like, how? You have 2-step you can enable... why didn't you? I even have my phone SIM encrypted... you got 30 attempts before it locks FOREVER, in theory at least w/ 256-bit encryption!... Truth is, a lot of people fall for phishing scams, not wanting to admit that they were stupid.
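Added example, not part of any post in this thread: a small Python check for the two tells mentioned above, a misspelled brand such as AMAZAN and a sender domain that is not the brand's own (as with the .ru sender). The trusted-domain list and every sample header are constructed for illustration, and the sample domains use the reserved `.example` TLD.

```python
from email.utils import parseaddr

# Assumption: the domains you actually expect these brands to mail from.
TRUSTED = {"google.com", "amazon.com"}

def edit_distance(a, b):
    """Levenshtein distance using a rolling DP row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header, trusted=TRUSTED):
    """Return 'trusted', 'brand-in-foreign-domain', 'lookalike',
    'unrelated' or 'unparseable' for a From: header value."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return "unparseable"
    domain = addr.rsplit("@", 1)[1].lower().rstrip(".")
    # Exact match or a true subdomain; "notgoogle.com" must not pass.
    if any(domain == t or domain.endswith("." + t) for t in trusted):
        return "trusted"
    brands = {t.split(".")[0] for t in trusted}
    # Split on dots and hyphens so "google-security" yields "google".
    tokens = [tok for label in domain.split(".") for tok in label.split("-") if tok]
    if any(tok in brands for tok in tokens):
        return "brand-in-foreign-domain"
    # One typo away from a brand name, e.g. "amazan" vs "amazon".
    if any(edit_distance(tok, b) == 1 for tok in tokens for b in brands):
        return "lookalike"
    return "unrelated"

# Constructed sample headers (not taken from the email in the thread).
SAMPLES = [
    "Google <no-reply@accounts.google.com>",
    "Google <alert@accounts.google.com.mail-notice.example>",
    "Amazan <orders@amazan.example>",
    "Forum digest <news@forum.example>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{classify_sender(header):24} {header}")
```

The display name is ignored on purpose, since the sender controls it; only the domain after the `@` is judged, and a real deployment would also check SPF/DKIM/DMARC results because the From: header itself can be forged.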
 
Joined
Jul 10, 2012
Messages
7,484
Location
South Carolina
Never click on an unexpected message. If you are in doubt, it cannot be more simple than to simply go to www.google.com and log in to see what is going on, if anything, and then, if you REALLY want, change your password. Most of all, if you read the message, it says login "blocked" ... so there is the answer: "blocked", no concern, but I think you can bet if you clicked on it, you would have had some real problems! *L*
 
Joined
May 12, 2015
Messages
3,010
Location
America
No normal hacker uses their own IP. So a Russian hacker would likely have a US IP. This is trying to take advantage of the anti-Russian hysteria.
 
Joined
Jan 2, 2004
Messages
9,575
Location
California
Originally Posted by Alfred_B
No normal hacker uses their own IP. So a Russian hacker would likely have a US IP. This is trying to take advantage of the anti-Russian hysteria.
If they were smart, they would use AWS or Azure and base it in a US division.
 

4WD

$50 site donor 2022
Joined
Sep 21, 2010
Messages
19,637
Location
Texas
Originally Posted by Alfred_B
No normal hacker uses their own IP. So a Russian hacker would likely have a US IP. This is trying to take advantage of the anti-Russian hysteria.
Could be … guess where I read this from. Hackers are a worldwide problem.
 
Joined
Jul 10, 2012
Messages
7,484
Location
South Carolina
I'm clueless as to why anyone would believe a suspect message about a hack that mentions the country of origin *L* (think about it). If it's a suspect message, then the information in it would be too.
 