Categories: Security newsTechnology

Here Is How Hackers Bypass Google’s Two-Factor Authentication



Hackers Bypass Google’s Two-Factor Authentication By Taking Social Engineering To A New level

You may have read reports of Gmail accounts being hacked despite the user having enabled the famed Google 2FA or two-factor authentication. This is because hackers are employing a new strategy to lure gullible users to hand over the 2FA code.

Some people can be tricked into disclosing their two-factor authentication code to criminals, as there is a new sly trick that makes them think that are in fact protecting their accounts while doing so.

Two-factor authentication (referred 2FA) is an important safety measure current mainstream of online services, from banks to Google, Facebook, and government agencies who have gradually adopted the security measures. In the two-factor authentication to protect the account needs to log operation when you need to enter a verification code to send SMS text messages, or even enter the correct password will be blocked by the system.

The login is classified as a hacking attempt, if the user doesn’t enter the code quickly, and the user is blocked from accessing the account, even if they entered the correct password.

Alex MacCaw, co-founder of Clearbit.com, tweeted out the image of an SMS he had just received on his Twitter. Anonymous attacker sent a phase MacCaw posing Google’s SMS messaging, message reads as follows:



“(Google™ Notification) We recently noticed a suspicious sign-in attempt to jschnei4@gmail.com from IP address 136.91.38.203 (Vacaville, CA). If you did not sign-in from this location and would like to lock your account temporarily, please reply to this alert with the 6-digit verification code you will receive momentarily. If you did authorize this sign-in attempt, please ignore this alert.”

Mainly, the attackers were mentally preparing the victim to receive the 2FA verification code, in order to facilitate the following illegal login attempt they were about to perform. The criminals were going to access MacCaw’s account, and when his 2FA system would commence, MacCaw would act to lock his account by sending the “verification code to Google.” In fact, MacCaw would be sending the 2FA code to the criminal, who would then enter it in the login page and access his account, with his help.

Thankfully, MacCaw was able to detect their strategies and didn’t fall for this new type of social engineering hoax. However, if you are a Gmail user, you should take precautions and not fall for these new tricks being used by hackers to gain access into your Gmail and Google accounts.

Kavita Iyer

An individual, optimist, homemaker, foodie, a die hard cricket fan and most importantly one who believes in Being Human

Recent Posts

  • Facebook
  • Technology

Facebook Dating feature starts rolling out in Columbia

Facebook officially launches its dating service in Columbia Facebook has started rolling out a countrywide test of its new online…

43 mins ago
  • Alternatives
  • List

Terrarium TV Down- Best Alternatives To Watch Free Movies In 2018

Terrarium TV was perhaps the best app for watching free movies and TV shows. This free application was available on…

6 hours ago
  • Explanatory
  • Tips and Tricks

How to Login into Belkin Router 192.168.2.1? (Working 2018)

Routers play a very crucial role in getting access to the internet. They act as a medium between the user…

7 hours ago
  • Laws and Legalities
  • News

Cloudflare requested to expose Showbox, YTS and Popcorn Time site operators

Movie studios obtain subpoena that orders Cloudflare to expose piracy site operators including Showbox, YTS and Popcorn Time site A group…

1 day ago
  • Laws and Legalities
  • Security news

Mirai botnet masterminds helping FBI to avoid jail time

Mirai botnet creators avoid prison time by assisting FBI as part of their sentencing Remember the three young hackers who…

1 day ago
  • leak
  • News

Winamp’s new beta version 5.8 leaks online

Winamp 5.8 beta leak surfaces on the web A beta version of the upcoming Winamp 5.8 has been leaked online…

2 days ago