Updated on August 31 with fresh guidance amid renewed Gmail security alerts.
Google has expressed exasperation over sensational headlines claiming that “2.5 billion Gmail accounts were compromised in a massive hack.” According to the company, this is inaccurate — neither Google Cloud nor Gmail data was impacted in the recent Salesforce-related breach.
Nonetheless, Gmail remains a prime target. Google has acknowledged a sharp escalation in attacks where cybercriminals are successfully infiltrating user accounts. This ongoing threat has proven far more persistent than the uproar following the Salesforce incident.
“Please remind readers that Google will never call to reset passwords or troubleshoot accounts,” the company stressed.
Despite this, fraudsters are continuing to trick users with calls that appear to come from Google’s customer support line.
Proton has cautioned that scammers often impersonate Google staff, using phone numbers with a 650 area code. They typically claim suspicious login attempts have been detected on a Gmail account.
If the target engages, the fraudster walks them through a password reset “for protection.” In reality, the reset hands the attacker control of the account, locking out the rightful owner and causing significant disruption.
The most notorious spoofed number is +1 (650) 253-0000, the genuine contact line for Google’s headquarters. Because caller ID can be forged, a call that displays this number is no evidence that it originated from Google; cybercriminals exploit the number’s credibility to deceive victims.
On Reddit, one user described receiving a call from a “man with a distinctly Californian accent,” claiming unauthorized access attempts were made and guiding the victim through supposed “security measures.”
Cyber Press reports that these attacks usually begin with failed account recovery attempts initiated from abroad. These serve as probes that test the account’s defenses and prime the victim with a sense of urgency. Days later, the victim receives a fraudulent call from the spoofed Google number, reinforcing the deception.
Receiving a call from that number should be treated as a red flag. Rather than acting on the caller’s instructions, users are advised to sign in to their Google account only through the official website, then navigate to Security → Review Security Activity to check for unfamiliar logins. If none are present, the caller’s claim was false and there is no cause for alarm.
While signed in, running a Security Checkup is also recommended. Users should:
- Switch from SMS-based two-factor authentication to an authenticator app.
- Enable passkeys for stronger protection.
- Update passwords to long, unique combinations.
Despite clarifications, headlines about compromised Gmail passwords continue to circulate, amplifying confusion around the Salesforce breach.
David Matalon of Venn emphasized that “Google’s warning highlights how compromised credentials remain a critical vulnerability.”
Shane Barney of Keeper Security echoed this, noting that weak or stolen credentials are consistently the easiest entry point for hackers.
“Phishing, credential stuffing, and social engineering are favored because breaking encryption is far more difficult,” he explained.
Matalon further cautioned that “personal devices used for corporate access are often a weak link.” He advised companies to adopt zero-trust frameworks and robust data loss prevention tools to separate work and personal data.
“The strongest defense is layered security,” Barney concluded. For Gmail users, this involves employing a password manager, activating two-factor authentication via an authenticator app, and enabling passkeys where available.
While these measures cannot guarantee absolute immunity, they significantly reduce the chances of account takeover and diminish the appeal for attackers, which is precisely the objective.
Source link: Forbes.com.