Gmail Users at Risk: A Guide to Protecting Your Account from Recent Scams

The Threat to Gmail Users

Cybercriminals are now using the stolen data to carry out sophisticated phishing and ‘vishing’ (voice phishing) attacks. They are impersonating Google employees and contacting users via fake phone calls, emails, and text messages. These scammers create a sense of urgency, often claiming there is a security issue with the user’s account, and attempt to trick them into resetting their password or revealing login codes. If successful, they can hijack the user’s Gmail account, leading to the loss of access to personal information, sensitive files, and photos.

How to Protect Your Gmail Account

• Be Sceptical of Unsolicited Communication: Be wary of anyone claiming to be from Google who contacts you unexpectedly and asks for personal information. Google will not call you to ask for your password or verification codes. As a general rule, if you receive a suspicious message or call, do not respond and do not click on any links.

• Strengthen Your Password: A strong password is a long (at least 12 characters long) combination of uppercase and lowercase letters, numbers, and symbols. Avoid using personal information or common words.

• Enable Multi-Factor Authentication (MFA): This is a crucial security measure that adds an extra layer of protection, making your account more secure. They won’t be able to access your account without a second verification step, which is usually a code sent to your phone.

• Complete a Google Security Checkup: Google provides a free tool called Google Security Checkup that helps you review and improve your account’s security. It will identify any potential weaknesses and provide recommendations to strengthen your account’s security.

• Use Passkeys: Consider using passkeys instead of passwords. Passkeys are a more secure way to sign in, using your device’s screen lock (like a fingerprint or face scan) instead of a password, which provides stronger protection against phishing.

• Use Be Cautious of Phishing: Learn how to recognise phishing emails. Look out for poor grammar and spelling, suspicious links, and urgent requests for personal information.

• Check Your Account Activity using Google Account settings: Regularly review your account activity for any suspicious logins or changes you don’t recognise.

• Use Advanced Protection Program: Google’s free Advanced Protection Program (APP) offers maximum security for high-risk users. By following these steps, you can significantly reduce your risk of falling victim to these scams and keep your Gmail account secure.