Corporate Gmail Accounts Being Targeted With New Stealth Attack Method
A hacking group has a new toolkit for breaking into corporate Gmail accounts and reading emails, calendar data, and other information while staying hidden.
Source
DataBreaches.net
Original headline: Kaspersky Lab experts have discovered a new attack vector and toolkit for compromising corporate Gmail accounts
Plain-English summary by GetCyberRight. Read the full report at the source above.
Kaspersky Lab security researchers discovered a new attack method being used by a hacking group called ToddyCat. This toolkit allows attackers to compromise corporate Gmail accounts and access user information through Google's API (the system that lets programs interact with Google services). Once inside, attackers can read email conversations, harvest calendar information, and access data from other Google services while remaining undetected for long periods. This threat primarily targets businesses and organizations using corporate Gmail accounts (Google Workspace). Personal Gmail accounts used by families for everyday email are not the focus of this specific attack toolkit. However, if a family member uses a work Gmail account provided by their employer, that work account could be vulnerable if their company uses Google Workspace.
For families using personal Gmail accounts, continue following standard security practices.
- Enable two-factor authentication on your Gmail account if you have not already. Go to your Google Account settings, select Security, and turn on 2-Step Verification.
- Review your account's security checkup at myaccount.google.com/security-checkup.
- Check which apps and services have access to your Google account and remove any you do not recognize or use. If you use a corporate Gmail account for work, alert your company's IT security team about this new threat so they can assess whether additional protections are needed. Protecting email accounts requires ongoing attention because email contains so much personal and sensitive information. Use strong, unique passwords for every account. Enable two-factor authentication wherever available. Regularly review which apps have access to your accounts and remove old or unused permissions. These habits create multiple layers of protection that make it much harder for attackers to succeed.
Curated from trusted cybersecurity sources by GetCyberRight
Source: DataBreaches.netStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles

Government and Critical Infrastructure Systems Targeted in Southeast Asia
A hacking group linked to China compromised at least 10 organizations in Southeast Asia, including two government-owned entities.
2 min read
Foreign Hackers Target Critical Infrastructure in Southeast Asia. What It Means for Safety.
A hacking group linked to China compromised at least 10 organizations in Southeast Asia, including state owned entities that manage critical systems affecting public services.
2 min readFake Venezuela Earthquake Charity Sites Steal Your Donations
Scammers created 212 fake charity websites in just five days after Venezuela's earthquake. Here's how to donate safely and protect your family.
3 min read212 Fake Disaster Relief Sites Created in Just 5 Days
Scammers registered 212 fake Venezuelan earthquake relief websites in five days. Here's how to protect yourself when donating after disasters.
3 min read