Tech giant Google has issued a major security warning to its 2.5 billion Gmail users following a fresh wave of cyber attacks targeting personal and corporate accounts. The company disclosed that cybercriminals, taking advantage of recent large-scale data breaches, have intensified phishing and social engineering schemes, making millions of users vulnerable to credential theft and unauthorized access.
According to Google, the surge in attacks has been linked to the hacker group known as ShinyHunters, which allegedly exploited a breach of Salesforce’s cloud platform to gain access to sensitive company and customer data. Using this information, attackers are now crafting highly convincing scams, including fake emails and impersonation calls—commonly referred to as phishing and vishing—that trick users into surrendering passwords, verification codes, and other private information.
Security experts warn that the sophistication of these scams poses a major risk as criminals now employ artificial intelligence tools to generate realistic emails and mimic official Google communication. Google noted that many users still rely on outdated or reused passwords, leaving them even more exposed. Reports reveal that less than half of users regularly update their login credentials, despite repeated warnings about the dangers of password recycling.
To mitigate these risks, Google has urged all Gmail users to immediately change their passwords, enable stronger two-factor authentication (preferably app-based or hardware keys), and adopt passkeys, which the company describes as a safer alternative to traditional logins. Additionally, users are advised to conduct regular Google Security Checkups, avoid clicking on suspicious links, and use password managers to store and generate unique credentials.
The company emphasized that the ongoing cyber threat is one of the most widespread security challenges in recent years, highlighting the need for vigilance as hackers continue to evolve their techniques. By strengthening account security and adopting recommended safety practices, Gmail users can reduce the risk of falling victim to these global cyber attacks.
