Gmail has been massively hacked, and Google advises users to strengthen their protection.
Almost all internet users have a Gmail account, and there have been reports of large-scale cybersecurity risks recently!
According to a report by Forbes on August 25, Google has confirmed that hackers are infiltrating Gmail accounts, and the numerous successful intrusions are due to leaked user account passwords.
Since August, multiple warnings have indicated that '2.5 billion Gmail users worldwide are now at risk' due to a hacker breach of Google's own Salesforce database.
(Forbes) points out that the latest warnings show that scammers impersonate Google customer service representatives, contacting account holders through email and phone, even using Google's own AI technology to assist in the scams.
These attack methods lead to fake login pages to steal user passwords, and sometimes add extra steps to trick users into providing 2FA codes or completely bypassing 2FA verification.
According to a report by PC World, Google stated that general information such as customer and company names was leaked, but passwords were not compromised. However, users of Google services such as Gmail and Google Cloud now face the risk of phishing attacks.
Most Gmail users still rely on traditional passwords, lacking sufficient security protection.
According to Google statistics, only 36% of users worldwide regularly update their passwords, which means that most users need to update their passwords immediately and change them regularly.
Additionally, most Gmail users' accounts have not yet set up a passkey and still rely on traditional passwords, and may also use some basic two-factor authentication (2FA).
Google explains that a passkey is a new authentication technology that allows users to easily create online accounts and log in securely using a fingerprint, facial scan, or device PIN.
Before this wave of attacks, Google had already advised most account holders to upgrade their account security.
For example, use a form of two-factor authentication that is not SMS-based, and more importantly, add a passkey to the account and set it as the default login method. However, unless passwords are completely removed (as suggested by Microsoft), password access remains an inherent vulnerability of the account.
How to protect your Gmail account from being stolen?
(Forbes) suggests that Gmail users can take the following 3 protective measures:
If you have not changed your Gmail password this year, please do so immediately.
Use a standalone password manager (not built into Chrome or other browsers) to select and save new passwords.
Next, switch the 2FA to an authentication app, and if you don't have a key yet, please add one immediately.
Furthermore, if any login window on a device with an existing passkey requests a password, this is a dangerous signal. Users should never log in through links, even if they appear to come from Google.
If users are concerned about account security, it is recommended to go directly to the Google account, click on the 'Security' option, and check 'Security Activity Review' to confirm the account status.
See more cybersecurity-related news:
No private key? Analyzing the Sui major DEX hacking case: How to authorize on-chain asset transfers without a private key.
Fake CAPTCHA attacks rampant, with the Justice Department and Microsoft both failing; wallets may become hacker targets.
I encountered job scam! Sharing 3 common tricks used by hackers: Identifying Web3 social engineering attacks.
Android phone users be careful! This spy app is stealing account passwords, with personal data of tens of thousands already compromised.
Be careful! Kaspersky: Malware infects Coin, and these 4 apps should never be installed.
The article 'Google Confirms Hackers Have Infiltrated Gmail! All 2.5 Billion Users at Risk, Quickly Do These 3 Things to Protect Your Account' was first published by 'Encrypted City'.