Google issued a brief statement on its blog this week, promoting the security of Gmail following erroneous online claims of mass warnings sent to end users.
The post, an unsigned report shared on The Keyword on September 1st, keeps things both brief and vague. Google says it’s acting to “reassure” its customers that the platform is secure, and that reports of a “broad warning to all Gmail users” regarding a breach did not in fact occur. The blog post cites Google’s ability to block “more than 99.9% of phishing and malware attempts,” while also noting that its own recommended practices include the use of passkeys over traditional passwords.
The reason behind this post seems to spawn from growing noise on both social media and in various press outlets over whether a group called ShinyHunters had gained access to general data on Gmail users at large. While some stories surrounding phishing attempts have made their way to Reddit — and, at the very least, appear to be accurate — it appears as though most of the noise is being made by reporters connecting a recent SalesForce breach with this June blog post promoting passkey adoption.
Google did update its Threat Intelligence blog post addressing the SalesForce breach early in August to note it had sent alerts to affected accounts, but it doesn’t appear that all 2.5 billion active users received these notifications. Both updates on this page were added on August 8th, stating Google had begun and finished notifying affected users on the same day.
It appears to be unrelated to any recent phishing attempts, though claims on Reddit are mentioned repeated efforts utilizing both mailer-daemon inbox alerts and calls from Californian area code 650 pretending to be with Google. As always, you shouldn’t click suspicious links sent to your Gmail account or give login information to anyone over the phone.
FTC: We use income earning auto affiliate links. More.
Source link
