Google Issues Warning As Hackers Mimic Gmail Security Alerts To Steal Passwords
Google has warned Gmail users about fake emails trying to steal their passwords. The tech giant advised Gmail users to check security settings and avoid suspicious links.
Google has urged Gmail users to stay alert after a rise in hacking attempts aimed at stealing account details. According to a report in Forbes, the US tech giant said more people are now receiving its “suspicious sign-in prevented” emails, which are sent when Google blocks unauthorised access.
Attackers are taking advantage of users’ concerns by imitating Google’s security alerts. Google issued a warning, stating, “Sometimes hackers try to copy the ‘suspicious sign-in prevented’ email to steal other people’s account information. Always be wary of messages that ask for personal information like usernames, passwords or other identification information, or send you to unfamiliar websites asking for this information.”
These fake messages often look convincing and include links or buttons that take users to fraudulent sign-in pages. Entering details on such pages allows hackers to hijack accounts and access sensitive information, the Forbes report added.
How To Stay Safe
To stay secure, if you receive an email from Google alerting you about suspicious activity, follow the steps below to review your account and update your password if you notice anything unusual.
Open your Google Account.
From the menu on the left, select ‘Security’.
Under Recent security events, click Review security events.
Go through the list of recent activity and check for any devices or locations you don’t recognise. You can click on any event to view more details.
If you find an activity that seems unfamiliar, click Secure your account at the top of the page.
Follow the instructions to reset your password and protect your account.
The company recommends adding passkeys for stronger protection. Google says that passkeys provide a password-free way to sign in, making the login process easier and more secure across apps and websites. Unlike passwords, which can be stolen, guessed, or even forgotten, passkeys are unique digital credentials linked directly to a user’s device.
Scammers Use Innovative Ways For Phishing Attacks
The surge in Gmail scams mirrors other recent online frauds, such as the Amazon refund scam, where users are lured into giving away login credentials through fake messages, reported Forbes.
Researchers have also warned of phishing emails that pretend to deliver voicemail notifications. Malware analyst Anurag, in a recent Reddit post, highlighted a case where an email with a “Listen to Voicemail” button was actually designed to capture sensitive details.
