Gmail users are at a serious risk: Here is what you should do to stay safe

HIGHLIGHTS

Google has issued a warning about a new phishing scam that is becoming common on the platform.

Software developer Nick Johnson was one of the first to flag the issue on X.

Users should avoid clicking on suspicious links and instead log in directly via the official Google website.

If you are a Gmail user, read this carefully. Google has issued a warning about a new phishing scam that is becoming common on the platform. The campaign mimics official Google emails closely and passes the authentication checks that would normally expose a forged sender. Its aim is to steal user credentials: the messages arrive from a genuine Google address, so recipients have little reason to doubt them.

Software developer Nick Johnson was one of the first to flag the issue on X (formerly Twitter). He received an email from “no-reply@google.com” claiming that a legal subpoena had been issued for his Google Account. The email contained a link to a fake Google support page hosted on sites.google.com, a Google-owned domain on which anyone can publish pages, which made the message look even more authentic.

What makes this campaign alarming is that the message passed Google’s own authentication checks, including DomainKeys Identified Mail (DKIM). A DKIM pass proves only that the signed headers and body have not been altered since the signing domain produced them; it says nothing about who forwarded the message or whether it was meant for you. The email also appeared within the same Gmail thread as real security alerts, making it extremely difficult to distinguish from a genuine warning.

If someone trusts one of these emails and follows the link, a fake sign-in page appears. Any credentials typed there go straight to the scammers, who can then sign in to the victim’s Google Account and everything linked to it. Google has acknowledged that the threat abuses OAuth and DKIM in a new way: the attacker registers an OAuth app whose name is the phishing text, grants it access to an account they control, and so induces Google itself to send a genuine, DKIM-signed security alert containing that text, which is then forwarded unchanged to victims. The company says it is rolling out fixes and that protections will be fully deployed soon. Meanwhile, users are urged to exercise caution.
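As an added example (not code from the article, from Google or from Nick Johnson), the Python script below triages a raw email the way a defender would, using three facts about this campaign: a DKIM pass is not proof Google sent the message to you, a page on sites.google.com is user-authored content rather than a Google sign-in page, and DKIM normally covers the To: header, so a replayed alert still names its original recipient. The two messages in it are constructed for illustration, and the host lists and rules are the editor’s assumptions, not Google’s.

```python
"""Triage a suspicious Google "security alert" the way this campaign demands.

Added example; not code from the Digit.in article, from Google or from Nick
Johnson. The two messages below are constructed for illustration and the
rules are the editor's heuristics. They encode three facts about the attack
described above:
  * dkim=pass only proves the signed headers and body are unmodified since
    the signing domain (here google.com) produced them; a real alert that is
    forwarded verbatim still passes, so it is not proof Google sent it to you;
  * sites.google.com serves pages written by arbitrary users, so a "support"
    or sign-in page there is not a Google sign-in page;
  * DKIM normally covers the To: header, so a replayed alert still names the
    original recipient, which is rarely your own address.
"""
import re
from email import policy
from email.parser import BytesParser

# Assumption: hosts where Google genuinely asks you to sign in or review
# account activity. Keep sites.google.com OFF this list.
GOOGLE_SIGNIN_HOSTS = {"accounts.google.com", "myaccount.google.com"}
# Google-owned hosts whose content is authored by arbitrary users.
GOOGLE_USER_CONTENT_HOSTS = {"sites.google.com", "docs.google.com", "drive.google.com"}

URL_RE = re.compile(r"""https?://([^/\s"'<>]+)[^\s"'<>]*""", re.IGNORECASE)

# Constructed sample modelled on the alert described in the article; the
# recipient domain and the path are invented.
PHISH_EMAIL = b"""\
Authentication-Results: mx.google.com; dkim=pass header.i=@google.com; spf=pass
From: Google <no-reply@google.com>
To: me@attacker-owned.example
Subject: Security alert
Content-Type: text/plain; charset=utf-8

A subpoena has been issued for your Google Account.
Review the case materials at https://sites.google.com/view/case-review
"""

# Constructed genuine-looking alert addressed to the mailbox owner.
BENIGN_EMAIL = b"""\
Authentication-Results: mx.google.com; dkim=pass header.i=@google.com; spf=pass
From: Google <no-reply@google.com>
To: alice@example.com
Subject: Security alert
Content-Type: text/plain; charset=utf-8

A new sign-in on Windows was detected.
Check activity at https://myaccount.google.com/notifications
"""


def _host(url_match: re.Match) -> str:
    """Lower-case host from a URL match, stripping userinfo and port."""
    return url_match.group(1).lower().rsplit("@", 1)[-1].split(":", 1)[0]


def triage(raw: bytes, my_address: str) -> list[str]:
    """Return human-readable findings; an empty list means no rule fired."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    findings: list[str] = []

    auth_results = str(msg.get("Authentication-Results", "")).lower()
    dkim_passed = "dkim=pass" in auth_results

    # Rule 1: the recipient inside the signed headers is not this mailbox.
    to_header = msg.get("To")
    to_addrs = {a.addr_spec.lower() for a in to_header.addresses} if to_header else set()
    if my_address.lower() not in to_addrs:
        findings.append(
            f"To: header names {sorted(to_addrs)}, not {my_address}; "
            "consistent with a replayed (forwarded) signed message"
        )

    # Rule 2: where do the links actually go?
    body_part = msg.get_body(preferencelist=("plain", "html"))
    body = body_part.get_content() if body_part is not None else ""
    for m in URL_RE.finditer(body):
        host = _host(m)
        if host in GOOGLE_USER_CONTENT_HOSTS:
            findings.append(f"link to {host}, which hosts user-authored pages: {m.group(0)}")
        elif host not in GOOGLE_SIGNIN_HOSTS and not (host == "google.com" or host.endswith(".google.com")):
            findings.append(f"link to non-Google host {host}: {m.group(0)}")

    # Rule 3: a DKIM pass must not be allowed to override the findings above.
    if dkim_passed and findings:
        findings.append(
            "dkim=pass proves only that the signed content is unmodified; "
            "it is not evidence that Google addressed this message to you"
        )
    return findings


if __name__ == "__main__":
    for label, raw, me in (("phish", PHISH_EMAIL, "victim@example.com"),
                           ("benign", BENIGN_EMAIL, "alice@example.com")):
        print(label, "->", triage(raw, me) or "no findings")
```

Run against the constructed phishing message, the script reports the To: mismatch, the sites.google.com link and the DKIM caveat; against the constructed genuine alert it reports nothing, which is the point: the rules key on the recipient and the link target, not on the sender address or the authentication result, because those are exactly what this campaign gets right.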

Until Google’s fixes are fully deployed, users should avoid clicking on links in unexpected security or legal notices and instead log in directly via the official Google website. A google.com sender address or a passing DKIM check is not proof that a message is safe, and Google’s real sign-in page lives at accounts.google.com, not on sites.google.com. Users should also enable two-factor authentication and, better still, passkeys, which are bound to the genuine site and so cannot be captured by a look-alike sign-in page.

Stay safe online and always stay alert: even the most authentic-looking emails and websites can turn out to be a scam.

Mustafa Khan

Mustafa is a young tech journalist who tells it like it is, cutting through buzzwords to deliver straightforward smartphone reviews. He’s the office go-to for insider tips and quick demos, and his video content doesn’t waste anyone’s time. When he’s off the clock, he geeks out over cars, photography, and hunting down the best spot for Indian food.

Digit.in