More than 2b users face Phishing risks after Google data leakage
NEWNow you can listen to News articles!
A technological leader like Google often seems invincible when it comes to cybersecurity attacks, but that is not the case. Earlier this month, the search giant confirmed that the attackers had accessed one of their corporate instances of Salesforce. According to a Google spokesman, this system stored basic and largely publicly available commercial information, such as contact data and notes of small and medium enterprises. He did not store data from Google Cloud customers or consumer products such as Gmail, Drive or Calendar.
Google says that the malicious activity ended, completed an impact analysis and provided mitigations. Therefore, users do not require more actions.
The new Google AI makes the most intelligent robots without the cloud
Register for my free Cyberguy report
Get my best technological tips, urgent security alerts and exclusive offers delivered directly to your inbox. In addition, you will get instant access to my definitive scam survival guide, free when it joins me Cyberguy.com/newsletter
Cybercriminals are exploiting the recent non -compliance with Google Salesforce data to release calls and phishing attacks against Gmail users worldwide. (Kurt “Cyberguy” Knutsson)
Vishing Llamas Target Gmail Users of Gmail
According to reports, computer pirates have accessed Google Salesforce database systems, exposing the names of customers and companies. Google confirmed the incident and clarified that the information was mainly public business contact data and did not include passwords or payment information. The company emphasized that the violation affected only a system of corporate salts, not the Gmail consumer or Google Cloud accounts.
Even so, the attackers are exploiting the news of the rape to boost phishing and splashes scams, deceiving people to renounce confidential information. According to PC World, some users have already informed an increase in phishing attempts that refer to Google services.
Let Google follow each of your movements
One of the main tactics implies scam phone calls, also known as Vishing. A Reddit publication highlighted a wave of calls from the 650s code, which is linked to the Google headquarters. In these calls, scammers pose as Google employees and warn the victims of an alleged security violation. Then they instruct users to restore their Gmail password and share it with them. This blocks the legitimate owner of the account and gives the attacker the full control.
A user launches Gmail. (Kurt “Cyberguy” Knutsson)
Old infrastructure exploited with “pendant cubes”
Separately from the Salesforce incident, Google Cloud customers also face another type of attack. Computer pirates are trying to exploit obsolete access directions using a method called hanging cube. This can allow them to inject malware or steal data. Both companies and people are vulnerable to lose control over confidential information if they are directed in this way.
Gmail and Google Cloud serve almost 2.5 billion people, which makes the risk scale significant. Although the initial violation did not expose the passwords, the attackers are using the incident news to deceive people to reveal their login details.
A Google search window is on a laptop. (Kurt “Cyberguy” Knutsson)
6 ways in which you can keep safe from scammers aimed at Google accounts
Google accounts are often a main objective for scammers. The good news is that protecting does not require advanced technical skills. Some practical steps can drastically reduce their possibilities to become a victim.
1) Avoid clicking on Phishing’s links
Phishing remains the most common way that scammers steal the credentials of the Google account. An email or false text can claim that your account has been blocked or that you need to verify suspicious activities. Click the link generally takes it to a counterfeit login page that is almost identical to the real google login screen.
To avoid falling into these tricks, see the email address of the sender carefully, walk the links before clicking and avoid entering your Google password on any page that does not start with accounts.google.com.
The best way to safeguard the malicious links that install malware, which potentially access their private information, is to have an antivirus software installed on all its devices. This protection can also alert it to the PHISHING Electronic Correos and Ransomware scams, maintaining their personal information and their safe digital assets.
Get my elections for the best 2025 antivirus protection winners for their Windows, Mac, Android and iOS devices in Cyberguy.com/Lockupyoutech
2) save passwords safely
Reuseizing weak passwords on several sites is an open invitation for scammers. If a place is broken, your Google account becomes vulnerable. A strong and unique password is its first line of defense.
The easiest way to manage this is with a password administrator. You can generate complex passwords, store them safely and complete them automatically when you need them. In this way, you never have to remember dozens of different logs, and the attackers cannot guess their way.
Then see if your email has been exposed in past violations. Our password selection #1 (see Cyberguy.com/Passwords) Includes a built -in breach scanner that verifies whether your email address or passwords have appeared in known leaks. If you discover a coincidence, immediately change any reused password and ensure those accounts with new and unique credentials.
See the best password administrators reviewed by 2025 experts in Cyberguy.com/Passwords
What to do if you receive a password restoration email that you did not request
3) Delete personal data that put it at risk
Scammers often use information they find online to create convincing attacks. If your email address, telephone number or even previous passwords are floating on data broker sites, criminals have more tools to impersonate you or deceive you to reveal more.
The use of a data removal service helps clean your fingerprint. By reducing the amount of information presented about you, it becomes much more difficult for scammers directly.
While no service can guarantee the complete elimination of your Internet data, a data removal service is really an intelligent option. They are not cheap, and it is not your privacy either. These services do all the work by you by actively monitoring and systematically erasing your personal information from hundreds of websites. It is what gives me peace of mind and has proven to be the most effective way to erase your personal internet data. By limiting the available information, it reduces the risk of cross -references data of infractions with information they can find in the dark network, which makes it difficult to be pointed out.
See my best selections to obtain data removal services and get a free scan to find out if your personal information is now available on the web visiting Cyberguy.com/delete
Get a free scan to find out if your personal information is already on the web: Cyberguy.com/freescan
4) Turn on the authentication of two factors
Even the strongest password can be stolen, but Two factors authentication (2FA) Add an additional barrier. When you are enabled, Google will request a unique code or a message on your phone before granting access. That means that even if a scammer manages to obtain his password, he cannot log in without also having his device.
Google offers several 2FA methods, from SMS codes to applications -based indications and even hardware security keys. For the best protection, choose the applications -based verification or hardware instead of text messages.
5) Keep your updated devices
Many scams are based on exploiting obsolete software. If your phone, browser or operating system is not updated, attackers can use known vulnerabilities to install malware or kidnap their session.
Establish your devices in Update automatically whenever possible. This guarantees that you are always executing the last security patches, reducing the amount of openings that a scam can use.
6) Regularly verify the Google account safety configuration
Google provides built -in tools to help users detect suspicious activities. When visiting the security page of your Google account, you can see devices that have been registered, the recent account activity and if the recovery options such as your phone number and backup email are updated.
Executing a Google security check only takes a few minutes and gives you a clear overview of any weakness. Think about it as a health control for your digital life.
Click here to get the News application
Kurt key takeway
The incident is a reminder that even technological giants with vast resources are not immune to security lapses. While Google insists that no passwords were exposed, the wave of phishing and Vishing scams shows how fast criminals can even arise partial leaks. What began as a violation of commercial data has become a threat that faces millions of everyday users, asking questions about how safe is the Google ecosystem.
Do you think that regulators should intervene with stricter rules on how cloud suppliers handle safety lapses? Get us knowing in Cyberguy.com/contact
Register for my free Cyberguy report
Get my best technological tips, urgent security alerts and exclusive offers delivered directly to your inbox. In addition, you will get instant access to my definitive scam survival guide, free when it joins me Cyberguy.com/newsletter
Copyright 2025 Cyberguy.com. All rights reserved.
Kurt “Cyberguy” Knutsson is a award -winning technological journalist who has a deep love for technology, equipment and devices that improve life with their contributions for News & News Business Startzing Mornings in “News & Friends”. Do you have a technological question? Get the free Kurt’s free newsletter, share your voice, an idea of the story or comment on Cyberguy.com.