
Gmail users experience increasing voice-based scams

Under the guise of a routine call, a seemingly genuine voice from Google support informs you that a potential security breach may have occurred with your Gmail account. There might also be a follow-up email containing a link that looks authentic, but in reality, the voice on the line is...

Gmail users experience increasing instances of voice phishing, signifying advanced cyber threats


By Jayesh Shinde, Executive Editor

Over the past few weeks, Gmail users have been targeted by increasingly sophisticated phishing campaigns. These attacks, orchestrated by groups such as ShinyHunters, have been a cause for concern due to their effectiveness and the potential damage they can inflict.

The latest attack, which occurred in early June 2025, was a large-scale cyberattack on a Google Salesforce instance. The breach resulted in the theft of contact data potentially affecting 2.5 billion Gmail users. The hackers then employed multiple tactics, including voice phishing ("vishing") calls in which they posed as Google support, to take over accounts and collect data.

These attacks combine old tricks like fake login screens, SMS links, and phony emails with new hacking methods like deepfake-powered "vishing." The voice on the phone claiming to be from Google support is AI-generated and designed to trick users into handing over digital keys.

Google admits that only about a third of Gmail users regularly update their passwords, and many still rely on SMS-based two-factor authentication. This reliance on SMS 2FA should be replaced with authenticator apps like Google Authenticator, Authy, or Microsoft Authenticator for enhanced security.

The attacks have also highlighted the weak nature of our passwords, even in 2025. A new study reveals that over 52% of users admit to reusing passwords and approximately 13% admit to using one password across all accounts. Users are encouraged to adopt passkeys as the default sign-in method.

To mitigate the risks, Gmail users are advised never to sign in via a link, but to type in the address themselves or use saved bookmarks. Attackers often build extra steps into their traps to capture two-factor authentication codes or bypass the need for them altogether.

Google's Security Checkup is recommended for flagging suspicious activity and offering recommendations. Users are also encouraged to change their password immediately, especially if it hasn't been changed this year.

The real question is whether Gmail users will adapt their behaviours as fast as the attackers are adapting theirs. Most Gmail users are still leaving their front door unguarded and wide open, despite Google building stronger locks. It's time for users to take their security seriously and implement these recommendations to protect their digital lives.
