Billions of Gmail users issued urgent warning over new 'extremely sophisticated attack'

Billions of Gmail users are being issued an urgent warning over an 'extremely sophisticated attack' that could be putting accounts at risk.

While we can all do everything we can to ensure our devices are as secure as they possibly can be, some hacks can be more complicated and put our personal information at risk.

Cybercriminals are seemingly using all the right tricks to take advantage of innocent web users and recently, they have been targeting Gmail customers, which sees them use AI to create realistic phone calls and send out seemingly legitimate emails.

Following these hyper realistic phone calls, an email is then sent, which prompts users to a website that seemingly looks identical to that of the Google website. But the link is very much scam.

Scams are becoming more complicated (Getty Stock Photo)

The problem is that many of these scams are able to bypass Google's security systems, which has led to some users being caught out.

Developer Nick Johnson, who obviously knows a lot about the field, was targeted by the scammers who suggested a legal subpoena had been issued for him.

The scam also worryingly tells users that a copy all of the content on their Google account needs to be produced.

Yes, it may sound farfetched - but some users could believe it to be real as it seems to be coming from a valid Google account.

"The first thing to note is that this is a valid, signed email - it really was sent from [email protected]," Johnson said in a thread posted to Twitter.

"It passes the DKIM signature check, and Gmail displays it without any warnings - it even puts it in the same conversation as other, legitimate security alerts."

In a statement provided to Newsweek, Google has acknowledged the scam and says they're working hard to fix it.

"We're aware of this class of targeted attack from the threat actor, Rockfoils, and have been rolling out protections for the past week," a spokesperson for the tech company said.

A warning has been issued to Gmail users (Mateusz Slodkowski/SOPA Images/LightRocket via Getty Images)

"These protections will soon be fully deployed, which will shut down this avenue for abuse.

"In the meantime, we encourage users to adopt two-factor authentication and passkeys, which provide strong protection against these kinds of phishing campaigns."

A spokesperson for Google told UNILAD: “We’re aware of this class of targeted attack from this threat actor and have rolled out protections to shut down this avenue for abuse. In the meantime, we encourage users to adopt two-factor authentication and passkeys, which provide strong protection against these kinds of phishing campaigns."

Spencer Starkey, a vice-president at SonicWall, has stated companies such as Google need to be on their toes to ensure their users are safe.

He said: "Cybercriminals are constantly developing new tactics, techniques, and procedures to exploit vulnerabilities and bypass security controls, and companies must be able to quickly adapt and respond to these threats.

"This requires a proactive and flexible approach to cybersecurity, which includes regular security assessments, threat intelligence, vulnerability management, and incident response planning."