Google Confirms Gmail Warning—Do Not Lose Your Account
Gmail warning comes around again.
Gmail users face a new tidal wave of warnings as a dangerous new account threat makes headlines again. Gmail accounts are prized by hackers as a valuable store of information and as a gateway to other platforms and services. New and 'nearly perfect' AI threats mean those accounts are now at risk — make sure you don't lose yours.
A new alert from Kaspersky has just warned Gmail users that 'law enforcement agencies are interested in your account.' This is making headlines, with reports (1,2) of 'hackers abusing Google Services to send malicious law enforcement requests."
The attack itself was first reported in April, when a crypto engineer warned he 'was targeted by an extremely sophisticated phishing attack" which 'exploits a vulnerability in Google's infrastructure.' At the time, it seemed Google was 'refusing to fix it,' and so Ethereum's Nick Johnson suggested 'we're likely to see it a lot more.'
'Imagine,' Kaspersky says, 'you receive a letter notifying that Google has received a summons from law enforcement agencies demanding to provide the contents of your account. The letter looks quite 'Google-like', and the sender's address is quite respectable — no-reply@accounts.google.com. Inside, a slight feeling of panic immediately wakes up (at least), doesn't it?'
The attack is cleverly constructed. 'Even the link looks quite plausible — the address includes the official Google domain and the support ticket number mentioned above. Only sophisticated users will notice the catch: all Google support pages are located on support.google.com, the link immediately leads to a certain sites.google.com. But the calculation of attackers is on those users who do not understand such details.'
But the objective is simple. As I explained last month, it links to a Google-hosted credential phishing page that mimics the real thing, but which takes over your account.
Kaspersky highlights the following telltale signs:
But as Kaspersky says, 'all these signs are quite difficult to notice for an ordinary layman, especially if he is frightened by the prospect of trouble with law enforcement agencies. Even more confusion is added by the fact that the fake letter is signed by this Google — accounts.google.com is indicated in the signed-by field.'
Google has pushed out a fix. 'We're aware of this class of targeted attack,' it confirms, 'and have been rolling out protections for the past week. These protections will soon be fully deployed, which will shut down this avenue for abuse. In the meantime, we encourage users to adopt two-factor authentication and passkeys, which provide strong protection against these kinds of phishing campaigns.'
But more importantly, Google will not reach out to you in this way, and will never ask for your account credentials or send you to a page where you can enter them. It has emphasized this repeatedly, especially when it comes to account security and tech support issues. If you ever receive a communication with any lure purporting to come from Google, access your account using normal channels and reach out to them directly.
That's only if you can't dismiss it as a scam right away and delete the message. Ironically, in tandem with this story breaking again, Google has also confirmed new scam defenses rolling out to Chrome, using on-device AI to intercept scams in real time. This latest one is exactly the type of message such defenses need to block.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
TechCrunch
30 minutes ago
- TechCrunch
TC Sessions: AI Trivia Countdown — score big on tickets
TechCrunch Sessions: AI hits UC Berkeley's Zellerbach Hall on June 5 — and today's your shot at AI trivia glory and two tickets for the price of one. Answer a few brain-busting questions on artificial intelligence, and if you ace it, you might just find a special promo code waiting in your inbox. Every day brings new questions — so don't get discouraged if you don't know today's answers. But don't wait too long. The last day of Countdown AI Trivia is June 4. Don't miss your chance to win big and be part of the AI action this Thursday. Whether you know which AI model kicked off the large language model revolution or what year OpenAI launched ChatGPT, this is your time to shine. How it works Step 1: Answer the AI trivia questions on this form Step 2: Watch your inbox for the special code if you win Step 3: Use the code to claim your 2-for-1 ticket deal Techcrunch event Save now through June 4 for TechCrunch Sessions: AI Save $300 on your ticket to TC Sessions: AI—and get 50% off a second. Hear from leaders at OpenAI, Anthropic, Khosla Ventures, and more during a full day of expert insights, hands-on workshops, and high-impact networking. These low-rate deals disappear when the doors open on June 5. Exhibit at TechCrunch Sessions: AI Secure your spot at TC Sessions: AI and show 1,200+ decision-makers what you've built — without the big spend. Available through May 9 or while tables last. Berkeley, CA | REGISTER NOW Show off your AI knowledge in this quick trivia round.
Fox News
38 minutes ago
- Fox News
Microsoft takes down malware found on 394,000 Windows PCs
Infostealer malware has been on the rise recently, and that's evident from the billions of user records leaked online in the past year alone. This type of malware targets everything from your name, phone number and address to financial details and cryptocurrency. Leading the charge is the Lumma infostealer. I have been reporting on this malware since last year, and security researchers have called it one of the most dangerous infostealers, infecting millions. There have been countless incidents of Lumma targeting people's personal data (more on this later), but the good news is that Microsoft has taken it down. The Redmond-based company announced it has dismantled the Lumma Stealer malware operation with the help of law enforcement agencies around the world. Microsoft confirmed that it has successfully taken down the Lumma Stealer malware network in collaboration with law enforcement agencies around the world. In a blog post, the company revealed that its Digital Crimes Unit had tracked infections on more than 394,000 Windows devices globally between March 16 and May 16. Lumma was a go-to tool for cybercriminals, often used to siphon sensitive information like login credentials, credit card numbers, bank account details and cryptocurrency wallet data. The malware's reach and impact made it a favored choice among threat actors for financial theft and data breaches. To disrupt the malware's operation, Microsoft obtained a court order from the U.S. District Court for the Northern District of Georgia, which allowed the company to take down key domains that supported Lumma's infrastructure. This was followed by the U.S. Department of Justice stepping in to seize control of Lumma's core command system and shut down marketplaces where the malware was being sold. International cooperation played a major role as well. Japan's cybercrime unit helped dismantle Lumma's locally hosted infrastructure, while Europol assisted in actions against hundreds of domains used in the operation. In total, over 1,300 domains were seized or redirected to Microsoft-managed sinkholes to prevent further damage. Microsoft says this takedown effort also included support from industry partners such as Cloudflare, Bitsight and Lumen, which helped dismantle the broader ecosystem that enabled Lumma to thrive. Lumma is a Malware-as-a-Service (MaaS) that has been marketed and sold through underground forums since at least 2022. Over the years, its developers have released multiple versions to continually improve its capabilities. I first reported on Lumma in February 2024, when it was used by hackers to access Google accounts using expired cookies that contained login information. Lumma continued targeting users, with reports in October 2024 revealing it was impersonating fake human verification pages to trick Windows users into sharing sensitive information. The malware wasn't limited to Windows. In January 2024, security researchers found the infostealer malware was targeting 100 million Mac users, stealing browser credentials, cryptocurrency wallets and other personal data. To protect yourself from the evolving threat of infostealer malware, which continues to target users through sophisticated social engineering tactics, consider taking these six essential security measures: 1. Be skeptical of CAPTCHA prompts: Legitimate CAPTCHA tests never require you to press Windows + R, copy commands or paste anything into PowerShell. If a website instructs you to do this, it's likely a scam. Close the page immediately and avoid interacting with it. 2. Don't click links from unverified emails and use strong antivirus software: Many infostealer attacks start with phishing emails that impersonate trusted services. Always verify the sender before clicking on links. If an email seems urgent or unexpected, go directly to the company's official website instead of clicking any links inside the email. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices. 3. Enable two-factor authentication: Enable two-factor authentication (2FA) whenever possible. This adds an extra layer of security by requiring a second form of verification, such as a code sent to your phone, in addition to your password. 4. Keep devices updated: Regularly updating your operating system, browser and security software ensures you have the latest patches against known vulnerabilities. Cybercriminals exploit outdated systems, so enabling automatic updates is a simple but effective way to stay protected. 5. Monitor your accounts for suspicious activity and change your passwords: If you've interacted with a suspicious website, phishing email or fake login page, check your online accounts for any unusual activity. Look for unexpected login attempts, unauthorized password resets or financial transactions that you don't recognize. If anything seems off, change your passwords immediately and report the activity to the relevant service provider. Also, consider using a password manager to generate and store complex passwords. Get more details about my best expert-reviewed Password Managers of 2025 here. 6. Invest in a personal data removal service: Consider using a service that monitors your personal information and alerts you to potential breaches or unauthorized use of your data. These services can provide early warning signs of identity theft or other malicious activities resulting from infostealer malware or similar attacks. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here. Get a free scan to find out if your personal information is already out on the web. Microsoft's takedown of the Lumma Stealer malware network is a major win in the fight against infostealers, which have fueled a surge in data breaches over the past year. Lumma had become a go-to tool for cybercriminals, targeting everything from browser credentials to crypto wallets across Windows and Mac systems. I've been tracking this malware since early 2024, and its ability to impersonate human verification pages and abuse expired cookies made it especially dangerous. Do you feel tech companies are doing enough to protect users from malware like this? Let us know by writing us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Follow Kurt on his social channels Answers to the most asked CyberGuy questions: New from Kurt: Copyright 2025 All rights reserved.
TechCrunch
42 minutes ago
- TechCrunch
Video game union announces first contract with Microsoft
In Brief Unionized quality assurance testers at video game holding company ZeniMax announced Friday that they have reached a tentative contract agreement with Microsoft, which acquired ZeniMax in 2021. This represents Microsoft's first union contract in the United States. It's been a little over two years since approximately 300 QA testers announced that they were unionizing through the Communications Workers of America, and they said they've been negotiating with Microsoft ever since. Bloomberg reports that the contract terms include an across-the-board, 13.5% pay raise on July 1. The contract also incorporates an already-announced agreement around the use of AI. Union members are scheduled to vote on ratifying the contract on June 20. In a statement, QA tester and union bargaining committee member Page Branson called this 'a monumental victory for all current video game workers and for those that come after.' While ZeniMax's QA workers were the first to unionize at Microsoft, other teams have followed suit, and the CWA said it now counts more than 2,000 Microsoft video game workers as members.
