Security-related issues and vulnerabilities can come to us from anywhere, anytime. Even when accessing our password manager from the reference browser, GoogleWe are taking risks today.
Throughout recent times we are seeing various vulnerabilities and attacks related to the search giant. We start from the assumption that a multitude of users use Google to access all kinds of web services and platforms. This includes our password managers where we store all passwords securely. This is something that has now been focused on by the popular manager 1Passwordas we will see below.
And it is that at this time we can affirm that this is an online service to save our passwords in the cloud that is in the crosshairs of attackers. As has happened in the past with other similar platforms, 1Password users are now the target. Specifically, the risk is given by certain malicious ads that we can find in GoogleSearch. This is something that has been seen in recent times through 1Password phishing ads.
These ads that appear on Google urge us to log into the password service as if it were the legitimate web. Therefore, users of the platform click on them to access their account. However, if we look closely at these advertisements are slightly different than original and legitimate. But with everything and with this, on many occasions we do not look at these differences in the texts of the ads. Hence precisely the success of the attackers with this campaign.
Be careful if you use 1Password, you are at risk
As expected, these phishing ads point to websites other than the manager, all in order to steal our passwords stored here. At this time, Google itself already detects them as threats and it seems that the ads have disappeared from searches. However, experts suggest that they could reappear at any moment.
With everything and with this, we recommend you change the master access password to 1Password as soon as possible in case we have been victims and we have not realized it. And we must take into consideration that the cloud-based password managers support web logins. This means that your customers can access all passwords online without the need for a desktop application.
Thus, the phishing website requested the user’s email address, as well as the master password and password. Secret password. From then on, the attackers already had access to our original 1Password account. Precisely for this reason it is important to change that password and regenerate the secret key to avoid taking risks. In parallel, it is also advisable to change the passwords stored here in the event that we see any strange movement on the platform to which they refer.
Over the past few months we have been seeing several phishing attacks targeting password managers in the cloud. This means that, if we access our account from the Google search engine, we should look closely and make sure that we are on the legitimate site.
