CYBERSECURITY: Dangers of renting out your Gmail account

Breaking News

10/recent/ticker-posts

CYBERSECURITY: Dangers of renting out your Gmail account


Written by Manila, Philippines and made available to Ejulinks through Rappler


Over the past few months, I've seen a handful of posts on social media such as Facebook about people wanting to rent out the Gmail accounts of other people.

The transaction – let's call it that since those wanting to rent the accounts pay some amount of cash or phone load for this – requires the Gmail account to be a year old at least, with no previous rentals done on it.

The renter says it's going to be used to download apps, but there may be more to it than that, and that's something worth discussing: the risks of renting out your Gmail account.

More than just Gmail

It must be noted that if you're renting out your personal Gmail account, you may be providing access to everything Google-related you have.

Your Gmail account doubles as your Play Store account, as well as your Google Chrome and Drive sign-in and as the login for other services, such as blog commenting privileges on WordPress.

While those looking for accounts to rent say the purpose is to download apps, renting out access for one Gmail account can open up your private life to your detriment. It'd be worse still if they change your password and lock you out.


How will they get access?

This transaction also makes me worry because it's a lot like a Buzzfeed News report from 2019 in which people were paying to rent out Facebook accounts in exchange for cash or a free laptop. In this case, how will the renter access your Gmail account?

What's noticeable in Buzzfeed's report is that, aside from filling out a form for this, it seems to be a more sophisticated operation.

Users in the Facebook rental article may be asked to install a browser plugin or grant the renter access (using remote access programs like TeamViewer) to set up a Facebook ads account linked to the user's profile.

In this case, this is also a large security risk, and much like the Gmail renting issue, it allows the one renting access to take your data and run away with it without your knowledge.

Liability for malicious actions?

While the Gmail accounts are supposedly being used to download apps, you may not necessarily know if what's being downloaded is safe or if what they're doing with your account is even benign.

While they aren't using your device specifically, the downloads or sign-ins would be tied to your account.
In the long run, this means your Gmail may get flagged as a spam or troll account in the future if it's being used, for instance, as part of a clickbait farm or a comment astroturfing operation. You can expect to lose access to your account if found out.

There may be even more serious offenses one can do with a rented account, such as sending threats or false information to someone else using your email account.

It's also not out of the realm of possibility that they'd use your Gmail account to sign up on other platforms such as Facebook or Twitter to simulate a real person for the purpose of spreading disinformation.

Don't give in

Gmail owners should not rent out their accounts because of the risks involved and the hassle of getting things back under control if things go south. That said, some people may have already done so without realizing the consequences of the act.

To mitigate this, it'd be best if you tried locking down your account as soon as possible.

To do this, change your password and add two-factor authentication to your Gmail account so those renting can no longer use your account at their leisure.

While you can track what's being downloaded onto devices connected to your account by checking your installed apps on Google Play Store, you can also revoke the access of specific apps and devices to your Google account. This Google support page outlines how to go about revoking access to apps. Meanwhile, following this page leads to the steps to revoking trusted devices or computers from your Google account.

Post a comment

0 Comments