Latest news with #NickJohnson
Business Insider
29-06-2025
- Business
- Business Insider
Deutsche Bank Sticks to Its Buy Rating for 3i Group plc (III)
Deutsche Bank analyst Nick Johnson maintained a Buy rating on 3i Group plc (III – Research Report) yesterday and set a price target of £45.00. The company's shares closed yesterday at p4,161.00. Confident Investing Starts Here: Easily unpack a company's performance with TipRanks' new KPI Data for smart investment decisions Receive undervalued, market resilient stocks right to your inbox with TipRanks' Smart Value Newsletter Johnson covers the Financial sector, focusing on stocks such as Saga plc, Hannover Rueck, and Munich Reinsurance. According to TipRanks, Johnson has an average return of 16.3% and an 89.47% success rate on recommended stocks. Currently, the analyst consensus on 3i Group plc is a Moderate Buy with an average price target of p4,490.83, a 7.93% upside from current levels. In a report released yesterday, Citi also maintained a Buy rating on the stock with a £50.00 price target. III market cap is currently £40.17B and has a P/E ratio of 7.97. Based on the recent corporate insider activity of 106 insiders, corporate insider sentiment is negative on the stock. This means that over the past quarter there has been an increase of insiders selling their shares of III in relation to earlier this year.
Jordan News
22-05-2025
- Jordan News
Urgent Warning from Google: Delete Emails from This Address Immediately - Jordan News
Google has issued an urgent warning to Gmail users worldwide about a wave of dangerous cyberattacks targeting accounts through emails that appear official and come from "[email protected]"—but are actually fraudulent messages designed to steal sensitive information. اضافة اعلان These phishing emails attempt to deceive users by pretending to be a legal notice from Google, claiming the company has received a court order to hand over account contents to law enforcement. In reality, the message contains a malicious link leading to a fake support page hosted on platforms affiliated with Google, giving it a false sense of legitimacy. According to cybersecurity experts, clicking the link grants hackers access to the user's email and files. In some cases, downloading fake files can install malware capable of stealing passwords and banking information—or even taking full control of the device. In a related update, Google announced the end of security support for three of its most popular Android phones, putting them at high risk of cyberattacks, as they will no longer receive critical security updates. Meanwhile, Nick Johnson, a former Google developer, explained that this attack exploits official authentication tools like Google OAuth, tricking users with accurately mimicked login pages. Google strongly emphasized the importance of ignoring and immediately deleting such emails. The company also warned against clicking any suspicious links or downloading attachments from untrusted sources. The tech giant advised users to visit the official support site— verify any notifications, and recommended using Passkeys instead of traditional two-factor authentication, as they offer stronger protection against these types of attacks. Cybersecurity firms also urged users to check the full email address, not just the display name in their inbox. These phishing emails are often sent from unusual addresses that begin with the word "me", which can easily mislead users.
Metro
21-05-2025
- Metro
Warning to 1,800,000,000 Gmail users over sophisticated scam
Gmail users have been warned about a highly convincing scam email thatappears to come from Google themselves. The email seems to come from no-reply@ which is the address that real security updates come from. It links to a webpage hosted by Google, too, which is another convincing sign. But the website was not made by them; it was made by scammers trying to trick you. The email claims that 'a subpoena was served on Google LLC requiring us to produce a copy of your Google Account content'. It links to a domain designed to look like Google's genuine support page. However, the real support webpage is on while the 'sites' domain is one that anyone can build a free webpage on. Ordinary users are unlikely to know or notice this, however, and could inadvertently grant scammers permissions that could allow them access, or target you with malware. Security software firm Kaspersky said that there are other clues, too. If you look closer at the email details, the to and mailed-by fields contain a jumble of letters of emails which have nothing to do with Google, showing me[@]googl-mail-smtp-out-198-142-125-38-prod[.]net and The scam was first revealed by tech developer Nick Johnson. The scammers used Google OAuth technology, which is what you see when you use your Google details to sign into a different app. Those who fell victim to the scam approved the permissions thinking they were giving Google themselves permission. It is not clear exactly what the scammers hoped to achieve by this, but could involve data theft or infecting the victim with malware. Kapersky said that when an OAuth app is registered, 'the web application administrator can manually enter completely arbitrary text in the App Name field – this is what the criminals apparently took advantage of.' The mechanism that attackers used to do this has now been shut down, which will prevent this method of attack from working in future. A Google spokesperson said: 'We're aware of this class of targeted attack from this threat actor and have rolled out protections to shut down this avenue for abuse. 'In the meantime, we encourage users to adopt two-factor authentication and passkeys, which provide strong protection against these kinds of phishing campaigns.' They recently issued guidance on spotting scams, saying they will not ask for any of your account credentials, including your password, one-time passwords, confirm push notifications, and will not call you. Get in touch with our news team by emailing us at webnews@ For more stories like this, check our news page. MORE: People are placing bets on which five escaped New Orleans prisoners will be caught last MORE: Stalker detective tried to 'destroy' ex's life by lying he was a paedophile MORE: School boys deny throwing massive seat over balcony at Westfield
Daily Mail
20-05-2025
- Daily Mail
Google issues warning to all 1.8b Gmail users over dangerous attack: 'Do not respond to messages'
Google is warning its nearly two billion Gmail users to immediately delete a concerning email that tries to look like it comes from Google itself. The new scam is called a 'no-reply' email attack because victims receive a supposedly official message from no-reply@ Inside the email, recipients will find a notice claiming that Google has been subpoenaed by law enforcement to release everything in the user's account. The email even contains a link to a Google support page that appears to have all the details about what's happening regarding the legal case against you. However, company officials have said it's all a fake, created by online scammers looking to gain access to a victim's personal information. The attack is triggered when Gmail users click the link and then download or approve permissions to view the phony legal documents. By doing this, the victims unknowingly give the scammers limited access to their Google account, like the ability to read emails or access files. In some cases, downloading the fake Google files spreads malware into the victim's device, which is harmful software that can steal even more information, including passwords and bank details. According to Nick Johnson, a leading tech developer who has worked for Google and cryptocurrency Ethereum, the scammers pull this off by exploiting Google's own systems. Specifically, the new attack makes use of a tool called Google OAuth, which lets third-party apps access Google accounts with the user's permission. Scammers create a fake web address that looks similar to Google's, set up an email account on it, and register a fake app with Google. This app sends a notification email that looks real because it comes from Google's system, but it's actually forwarded to victims through a service that hides the scam. The scam email includes a link to a fake Google Support page, hosted on Google's own which makes it seem trustworthy. When a Gmail user clicks on the link, the attack begins. The link takes them to a page that looks like a real Google login screen. After signing in, they land on a fake webpage that mimics Google's official support site and fools them into granting permissions to the scammer's app. By downloading or approve permissions to view the phony subpoena, the victim unknowingly gives the scammer access to their account, allowing them to read emails and access the user's private files. The email scam pretends to notify the victim that their account information has been subpoenaed by law enforcement, tricking the user into clicking a harmful link The information that can be stolen in this phishing attack can vary depending on what the victim clicks or downloads. In the worst case scenarios, downloading malware into your device can give cybercriminals an open door to steal passwords, access financial records in banking apps, and even hijack the device itself by locking the user out remotely. Johnson explained on X that the key mistake users make is trusting the email and clicking the link. To stay safe, Gmail users should check the email carefully before following any of its instructions. Look at the 'to' and 'mailed-by' fields in the email header. If they show strange addresses, it's a scam. Cybersecurity company Kaspersky added that these email addresses typically start with 'me.' For example, me@ While the address obviously seems suspicious, the only thing many Gmail users will see is 'me' in their inbox, and that can confuse many people into thinking the message comes from someone they know. Once they open it, they're confronted with a phony legal notice that scares them into taking action immediately. The cyber experts are urging anyone with a Google account to never click on a suspicious link inside an email. Moreover, never download material online unless it's coming from a trusted source on a legitimate website. If you're unsure, go directly to Google's official website by typing into your browser, not clicking a link in an email. Using a good antivirus program can also help catch these phishing emails before they cause harm. Google is also warning its 1.8 billion users to check their security settings, remove the popular two-factor authentication security measures and switch to passkeys instead. Passkeys are a passwordless, phishing-resistant technology that uses cryptographic keys stored on a user's devices and are authenticated using biometrics - like a fingerprint, face scan, or a PIN number. Tech giants like Microsoft have argued that passkeys are now safer than two-factor authentication, which typically involves sending a one-time code to your phone or email when signing in.
Forbes
15-05-2025
- Forbes
Google Confirms Gmail Warning—Do Not Lose Your Account
Gmail warning comes around again. Gmail users face a new tidal wave of warnings as a dangerous new account threat makes headlines again. Gmail accounts are prized by hackers as a valuable store of information and as a gateway to other platforms and services. New and 'nearly perfect' AI threats mean those accounts are now at risk — make sure you don't lose yours. A new alert from Kaspersky has just warned Gmail users that 'law enforcement agencies are interested in your account.' This is making headlines, with reports (1,2) of 'hackers abusing Google Services to send malicious law enforcement requests." The attack itself was first reported in April, when a crypto engineer warned he 'was targeted by an extremely sophisticated phishing attack" which 'exploits a vulnerability in Google's infrastructure.' At the time, it seemed Google was 'refusing to fix it,' and so Ethereum's Nick Johnson suggested 'we're likely to see it a lot more.' 'Imagine,' Kaspersky says, 'you receive a letter notifying that Google has received a summons from law enforcement agencies demanding to provide the contents of your account. The letter looks quite 'Google-like', and the sender's address is quite respectable — no-reply@ Inside, a slight feeling of panic immediately wakes up (at least), doesn't it?' The attack is cleverly constructed. 'Even the link looks quite plausible — the address includes the official Google domain and the support ticket number mentioned above. Only sophisticated users will notice the catch: all Google support pages are located on the link immediately leads to a certain But the calculation of attackers is on those users who do not understand such details.' But the objective is simple. As I explained last month, it links to a Google-hosted credential phishing page that mimics the real thing, but which takes over your account. Kaspersky highlights the following telltale signs: But as Kaspersky says, 'all these signs are quite difficult to notice for an ordinary layman, especially if he is frightened by the prospect of trouble with law enforcement agencies. Even more confusion is added by the fact that the fake letter is signed by this Google — is indicated in the signed-by field.' Google has pushed out a fix. 'We're aware of this class of targeted attack,' it confirms, 'and have been rolling out protections for the past week. These protections will soon be fully deployed, which will shut down this avenue for abuse. In the meantime, we encourage users to adopt two-factor authentication and passkeys, which provide strong protection against these kinds of phishing campaigns.' But more importantly, Google will not reach out to you in this way, and will never ask for your account credentials or send you to a page where you can enter them. It has emphasized this repeatedly, especially when it comes to account security and tech support issues. If you ever receive a communication with any lure purporting to come from Google, access your account using normal channels and reach out to them directly. That's only if you can't dismiss it as a scam right away and delete the message. Ironically, in tandem with this story breaking again, Google has also confirmed new scam defenses rolling out to Chrome, using on-device AI to intercept scams in real time. This latest one is exactly the type of message such defenses need to block.
