Google warns of Gmail phishing surge

WXIN/WTTV -- Google is urging users to be on the lookout for a recent surge in "phishing" attacks aimed at Gmail users.




According to Google, the most recent phishing emails are designed to look like they're coming from official Google Support in order to steal your login credentials. The emails look like real Google security protocols and can trick users into sharing their username and password, giving the bad guys access to their entire Google account.




The surge comes as a recent survey ranked Indiana No. 2 in the nation for phishing attack victims and scams get harder to recognize.




To protect yourself, Google said you should go beyond updating your password and using two-factor authentication. The company recommends adopting "Passkeys." Unlike a password that can potentially be hacked or guessed, a passkey is an encrypted piece of code that's actually stored on your computer, smartphone or tablet. Once it's on there, you no longer have to use your password to log into your Google account on that machine.




"They can't be written down or accidentally given to a bad actor," Google said on its security support page. "When you use a passkey to sign in to your Google account, it proves to Google that you have access to your device and are able to unlock it."




One important thing to remember about a passkey is that when you store one on your computer or phone, it's unique to that machine. That's part of what makes it secure. If you want one on all your devices, you'll need to install one on each of your devices. Google has detailed instructions on how to do that, which you can find here.



via: https://fox59.com/news/google-warns-of-gmail-phishing-surge/