Particle.news

Google Tightens Gmail Security After Sophisticated Phishing Campaign

The company urges 3 billion users to adopt passkeys and stronger two-factor authentication while rolling out new protections against DKIM-based attacks.

Google says users still have seven days after their email is compromised to attempt to recover the account.
Users of Gmail are facing advanced phishing attacks that evade Google's security.

Overview

  • Google has confirmed the deployment of new protections to block a phishing campaign that bypassed Gmail's DKIM authentication checks.
  • The attack involved fake subpoena emails sent from a [email protected] address, which appeared alongside legitimate security alerts in Gmail threads.
  • Google is urging users to adopt passkeys and stronger two-factor authentication methods, moving away from SMS-based 2FA due to its vulnerabilities.
  • The company has published a four-step response plan for users who may have been affected, including changing passwords and enabling advanced security features.
  • Google reiterates that it will never proactively request account credentials via email, phone, or message, highlighting the importance of user vigilance against scams.