Google warns Gmail users, urges urgent security upgrade
- By Web Desk -
- May 03, 2025
Google has confirmed that Gmail accounts are increasingly targeted by sophisticated phishing attacks and has issued critical advice to users.
The company emphasized the need to upgrade account security immediately to protect against attackers exploiting user credentials.
The latest attacks mimic Google’s official support channels to deceive users, with Check Point noting that Google is the second most impersonated brand after Microsoft. “As we move through 2025, phishing threats will continue to evolve, requiring heightened vigilance,” Check Point warned.
Google clarified that it never contacts users to discuss account security, such as password resets or troubleshooting. “We will not call you about your account,” the company stated. To bolster protection, Google strongly recommends adopting passkeys, which offer the highest level of security.
Passkeys allow easy sign-ins to Google accounts and select third-party services, while also verifying user identity for sensitive changes. Unlike Microsoft, which encourages removing passwords entirely, Google advises retaining passwords and two-factor authentication (2FA) as backups. Users should update passwords and link 2FA to a trusted device or authentication app, avoiding SMS-based 2FA.
The urgency coincides with the rise of AI-driven attacks, which the FBI recently warned are harder to detect. Check Point added that “AI threats are no longer theoretical—they’re rapidly evolving.” The timing aligns with World Password Day on May 1, now increasingly referred to as World Passkey Day by Microsoft and others, urging users to transition to passkeys.
The FIDO Alliance, which promotes passkey adoption, reported accelerating global uptake, with CEO Andrew Shikiar emphasizing the need to move away from vulnerable passwords to prevent data breaches and account takeovers.
While Microsoft has pushed a passwordless default, requiring its Authenticator app and excluding alternatives like Google Authenticator, Google’s approach remains more flexible but equally urgent.
With Gmail serving as a gateway to numerous platforms, experts stress that upgrading to passkeys and enhancing 2FA is critical to safeguarding accounts against the growing wave of cyberattacks.