Gmail users targeted in new scam

Published Feb 25, 2025, 11:28 PM

A new scam is tricking Aussies with phishing emails and tools that steal web security in real time. Here’s what you need to know to stay safe.

For more, Jordan Newnham from Cyber CX joins.

If you're one of the one point eight billion people worldwide with a Gmail account, you want to listen to this. So, cyber criminals have you in their sights. A new scam is catching Aussies off guard, with hackers sending phishing emails and then using a tool that can steal your web security in real time. So what do you need to know and how can you avoid becoming a victim? For more, we're joined by Jordan Newnham from Cyber CX live in camera. Thanks for joining us. So, Jordan, this scam sounds very widespread. What is it?

Yeah, well, you're absolutely right, Shirvo. This is just a fact of life in the digital age. Scams are getting increasingly and incredibly sophisticated in the ways they're trying to make us part with our hard-earned cash. So even if you consider yourself a very technologically savvy Internet user, this is a scam that could easily trip you up. And we know that there's around seven and a half million Australians who use Gmail. This is a scam that's actively being exploited on Gmail. The hackers will be downloading a set of tools and software from the dark web at a very low cost, and then using that software to send an email to you that looks quite legitimate, like it is from Gmail or Google, and asking you to click on a link and sign back into Gmail because of some security reason or other. Now, the clever part about this scam that's quite devastating is that it's a legitimate Gmail sign-in page. Unfortunately, once you've clicked the link, you're not on your computer anymore. You're on the scammer's computer and they're harvesting your information and getting full access to your account.

Okay, what are the red flags? How can we look out for this one?

Yeah. As I said, scammers are getting increasingly sophisticated. They're using AI and other tools to make it harder for us to spot the red flags, but they are there. So the first red flag to look out for is: have you ever received an email from this person before? Even if they're claiming to be from Gmail or Google, from their security team, if you've never received an email from them before, that's a red flag. The turns of phrase and the grammar they use might feel a bit off. So again, they're probably using AI to craft even better and cleverer messages, which are harder to detect. They don't have typos and really obvious mistakes. They might say something like "this email hopes to find you well", rather than "I hope this email finds you well".

Right, jeez, you've got to be really vigilant, don't you? There's so many people that have already fallen victim to this. What happens if you do log in and click on that link?

Well, help is always at hand. Unfortunately, if you have clicked on it, your credentials might now be in the pocket of a scammer. But the really important thing would be to stay vigilant for this sort of scam in the first place. So prevention is better than cure. Make sure you're using unique and complex passwords. So if you think you have seen this email in your Gmail and you've clicked on it and you've fallen victim to this, make sure you go and change that password and your login credentials for Gmail immediately. If you are visiting websites and you see a URL, it might look like a Gmail sign-in page, but the URL has some strange characters or extra numbers in there. That's a red flag. And make sure that if you are a victim of this, you are reporting it to Google and also to ACCC Scamwatch, which has lots of resources for victims of scams.

Jordan just really quickly too. How often should we change our passwords?

Well, the general advice is you should change your password as often as you change your toothbrush. So if you go and buy a new toothbrush because the old one's worn out, that's a sort of indication that it's time to change your passwords as well. But the best thing you can do these days is actually get a password manager and just outsource all of that so that, you know, you won't know any of your passwords off by heart anymore, but your password manager will be using really complex, you know, fifteen, sixteen character long passwords for all your accounts and you don't have to worry about it.

Great advice. I feel like I need to change some of my passwords right now. What about you now? Yeah, and my toothbrush. Yes,

Sunrise

From Channel 7's popular breakfast show with Natali Barr and Matt Shirvington, Sunrise brings you th 