A worrying new Gmail scam is doing the rounds with Google urging users to stay alert.
Gmail users are under attack again, with Google urging its email customers to ‘remain vigilant’. It seems cyber crooks have this popular platform – which has over a billion users worldwide – firmly in their sights and are trying to trick unsuspecting people into handing over personal details which can then be used to steal valuable data.
Now, before you start searching your inbox for worrying spam, this latest threat is using a new method to extract those details, and it all starts with a simple phone call.
The scammers ring the victim’s number and say they are from Google. Next, they attempt to gain access to the Google account by claiming they need to verify a recovery account details change.
Of course, this is simply a con. What the crooks are actually attempting is to get hold of the secure two-factor authentication code sent out by Google when requested by the user. If this lands in their hands, the criminals could easily hack the account and lock the real user out.
READ MORE: Your iPhone just got an important free upgrade from Apple – check your settings now
It’s unclear how big the problem is, but one Gmail user has just detailed how hackers tried to attack them via the scam. Writing on Reddit, EvilKittensCo confirmed that a fake Google worker had called them and said they needed to verify the recovery account.
A code was then requested in order to make sure the account stayed active.
It might sound far-fetched but the call appears to come from a real Google number and when asked for an email address an offical-looking account was supplied.
The hackers also started using pressure and fear tactics in a bid to access the account. There’s clearly more than one person affected with other Gmail users joining the thread, saying they have also been targeted by this threat.
It’s clearly a worrying trend with Google now speaking out about the scam and telling its Gmail users must stay alert.
READ MORE: Your Galaxy S25 just got beaten by a radically new smartphone from Samsung
“This is a known scam targeting a limited number of users – we have no evidence it’s a wide-scale tactic, Google said In a statement sent to Forbes.
“We’ve hardened our defenses to protect users from this type of abuse and suspended accounts that have misused Google services in these scams. But we encourage all users to remain vigilant – please reiterate to your readers that Google will not call you to reset your password or troubleshoot account issues.”
It’s worth remembering that Google will never call you without warning and the firm certainly won’t start demanding verification codes to be sent.
If you do receive a phone call from anyone claiming to be from the firm and it doesn’t feel right, you should hang up immediately and report it tp Google.
It’s also worth remembering that authentication codes are only ever to be used with trusted Google products during user-initiated security operations.
You have been warned, so stay alert.
Here are three Golden Rules from Google to help you stay safe
Slow it down – Scams are often designed to create a sense of urgency. Take time to ask questions and think it through.
Spot check – Do your research to double check the details you are getting. Does what they’re telling you make sense?
Stop! Don’t send – No reputable person or agency will ever demand payment or your personal information on the spot.
