Google is advising Gmail users to make changes to how they access their email accounts in response to ongoing scams. According to Forbes, the tech giant says users are being targeted by scammers through sophisticated phishing attempts that include emails that appear to be from Google.
Fake emails might come from no-reply@google.com like you see below.
Recently I was targeted by an extremely sophisticated phishing attack, and I want to highlight it here. It exploits a vulnerability in Google's infrastructure, and given their refusal to fix it, we're likely to see it a lot more. Here's the email I got: pic.twitter.com/tScmxj3um6
— nick.eth (@nicksdjohnson) April 16, 2025
Google says while fake email scams are rarely successful, traditional phishing attempts remain a danger to users. A recent update to Gmail filters out 99% of phishing emails, but users need to do more to protect their accounts.
Google says you need to change your account settings to ensure you add a passkey and that you don’t rely on SMS two-factor authentication (where a text message provides a code to enter to gain access) as soon as possible.
Google says if you fail to follow this advice, you could find yourself losing access to your account and all your content. If you do lose your Gmail account, you will have a limited window to get it back.
Aside from setting up stronger verification, Google says users must remember that in no circumstances will anyone from Google’s support staff reach out and ask you to provide account credentials. Anyone calling, emailing or messaging you claiming to be from Google and asking for your account information is likely trying to scam you. If you receive an email from “Google” directing you to a website where you have to enter in your username and password, that is a scam as well.
