Google has issued a warning following a sophisticated phishing attack that targeted Gmail users with fake emails and login pages.
With over 1.8 billion users, the company is urging everyone to take immediate steps to protect their accounts.
1. Set up recovery options
If your Gmail is hacked, you now have just seven days to recover it before you’re locked out permanently.
Make sure you’ve added a recovery phone number and email so Google can verify your identity during the recovery process.
2. Enable two-factor authentication (2FA)
2FA adds another layer of protection beyond your password.
Google also recommends switching to passkeys, which only work on your physical device and make it nearly impossible for hackers to access your account remotely.
3. Learn to spot phishing attacks
In a recent attack, hackers sent fake legal notices that looked like they came from Google.
The email linked to a very convincing login page designed to steal credentials. It even passed Gmail’s security checks.
Google reminds users: it will never ask for your password, one-time codes, or to verify anything by phone or email.
4. Watch out for trusted-looking scam pages
Hackers used Google Sites to create fake portals that appeared trustworthy because of the “google.com” domain.
Don’t assume a site is safe just because of the URL. Always go directly to Google through your browser if you’re unsure.
5. Act fast if your account is compromised
If you think your account has been hacked, try logging in and changing your password immediately.
If you can’t get in, start the recovery process at accounts.google.com.
Remember: you have just seven days to take back control before your access is permanently revoked.
Google’s message is clear: update your recovery settings, enable strong security measures, and stay alert to phishing attempts.
ALSO READ TOP STORIES FROM NIGERIAN TRIBUNE
and then