Gmail Users Targeted by Rogue Password Recovery Tool

Consumers trying to recover forgotten Gmail passwords have been reminded not to use the widely-circulating Gmail hacker Pro software, which claims it can recover passwords for a fee.

Webmail password recovery scams are nothing new but this particular one can turn up in several guises, starting with the simple fee scam uncovered by GFI Labs.

Gmail Hacker claims it can search the hard drive for the forgotten Gmail password, returning it for a fee of $29.99 (£19), in spite of the fact that Google itself offers the same password recovery and reset for nothing using its own service.

The program "processes" the user's Gmail address before demading the payment in return for a generated key.

"Clearly, this is designed to extract a tidy sum of money from unwitting users, and we'd like to save you, Dear Reader, the trouble of wanting to try it out. We categorize GMail Hacker Pro as a Trojan under the detection name GmailHackerPro.pj!.1a.," says GFI in a new blog.

Similar-sounding programs have been doing the rounds which invite users to hack the mailboxes of others after first entering their own Gmail username and password. This of course is a ruse to hijack the user's accounts from where all contacts found have their email addresses harvested to generate more victims.

Normally, passwords are not stored locally (the safest access method) unless browsers are set to log users into Gmail or Hotmail automatically, in which case the password will be stored on the hard disk. This is often where trouble starts. Users check the auto login but months later cannot remember what the password was when they fire up a browser on a second PC.

It varies between browsers. In Mozilla, if set up to be cached these passwords will in theory also available directly under Tools/Options/Security/Saved Passwords.

The safest method is to use a password storage system such as LastPass, which keeps logins locally and online in an encrypted database, in which case they are available from any browser with the plug-in installed once a master password has been entered.

Subscribe to the Security Watch Newsletter

Comments