{"id":156,"date":"2025-08-17T18:09:55","date_gmt":"2025-08-17T18:09:55","guid":{"rendered":"https:\/\/ssstt.app\/news\/?p=156"},"modified":"2025-08-17T18:42:25","modified_gmt":"2025-08-17T18:42:25","slug":"google-issues-a-warning-to-all-1-8-billion-gmail-users","status":"publish","type":"post","link":"https:\/\/ssstt.app\/news\/google-issues-a-warning-to-all-1-8-billion-gmail-users\/","title":{"rendered":"Google Issues a Warning to All 1.8 Billion Gmail users"},"content":{"rendered":"<p class=\"mb-4 text-lg md:leading-8 break-words\"><a href=\"https:\/\/ssstt.app\/news\/hashtag\/google\/\">Google<\/a> has 1.8 billion <a href=\"https:\/\/ssstt.app\/news\/hashtag\/gmail\/\">Gmail<\/a> users worldwide, and the company recently issued a major warning to all of those users about a &#8220;new wave of threats&#8221; to cybersecurity, given the advancements in artificial intelligence.<\/p>\n<p class=\"mb-4 text-lg md:leading-8 break-words\">Earlier this summer, Google issued an important warning to all of its users about a new form of cybersecurity attack called &#8220;indirect prompt injections.&#8221;<\/p>\n<p class=\"mb-4 text-lg md:leading-8 break-words\">The new threat puts individuals, businesses, and even governments at risk.<\/p>\n<h2 id=\"mcetoc_1j2skaftt0\">Google issues red alert to 1.8 billion Gmail users.<\/h2>\n<p>This warning reveals a hack where cyber criminals are using AI versus AI.<\/p>\n<blockquote class=\"tiktok-embed\" cite=\"https:\/\/www.tiktok.com\/@scottpolderman\/video\/7529951254752087310\" data-video-id=\"7529951254752087310\" data-embed-from=\"oembed\" style=\"max-width:605px; min-width:325px;\">\n<section> <a target=\"_blank\" title=\"@scottpolderman\" href=\"https:\/\/www.tiktok.com\/@scottpolderman?refer=embed\" rel=\"noopener\">@scottpolderman<\/a> <\/p>\n<p>Google issues red alert to 1.8 billion Gmail users. This warning reveals a hack where cyber criminals are using AI versus AI. <a title=\"gmail\" target=\"_blank\" href=\"https:\/\/www.tiktok.com\/tag\/gmail?refer=embed\" rel=\"noopener\">#gmail<\/a> <a title=\"redalert\" target=\"_blank\" href=\"https:\/\/www.tiktok.com\/tag\/redalert?refer=embed\" rel=\"noopener\">#redalert<\/a> <a title=\"hacker\" target=\"_blank\" href=\"https:\/\/www.tiktok.com\/tag\/hacker?refer=embed\" rel=\"noopener\">#hacker<\/a> <a title=\"iphonetips\" target=\"_blank\" href=\"https:\/\/www.tiktok.com\/tag\/iphonetips?refer=embed\" rel=\"noopener\">#iphonetips<\/a> <\/p>\n<p> <a target=\"_blank\" title=\"\u266c original sound - Scott Polderman\" href=\"https:\/\/www.tiktok.com\/music\/original-sound-7529951439867628301?refer=embed\" rel=\"noopener\">\u266c original sound &#8211; Scott Polderman<\/a> <\/section>\n<\/blockquote>\n<p> <script async src=\"https:\/\/www.tiktok.com\/embed.js\"><\/script><\/p>\n<h2 id=\"mcetoc_1j2skaftt1\" class=\"mb-4 text-xl font-bold md:text-2xl\">A New Threat Emerges<\/h2>\n<p class=\"mb-4 text-lg md:leading-8 break-words\">In an extensive blog post recently, Google issued a warning to all of its users about a new threat: indirect prompt injections.<\/p>\n<p><a href=\"https:\/\/ssstt.app\/news\/google-issues-a-warning-to-all-1-8-billion-gmail-users\/\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-large\" src=\"https:\/\/i.pinimg.com\/1200x\/41\/ac\/ef\/41acefe34fce60252b82553393ae0075.jpg\" alt=\"Google Issues a Warning to All 1.8 Billion Gmail users \" width=\"1200\" height=\"600\" \/><\/a><\/p>\n<p class=\"mb-4 text-lg md:leading-8 break-words\">&#8220;With the rapid adoption of generative AI, a new wave of threats is emerging across the industry with the aim of manipulating the AI systems themselves. One such emerging attack vector is indirect prompt injections,&#8221; Google\u00a0<a class=\"link \" href=\"https:\/\/security.googleblog.com\/2025\/06\/mitigating-prompt-injection-attacks.html?fbclid=IwY2xjawMI38RleHRuA2FlbQIxMABicmlkETFyVUpmeXlkSjFEc0NXTUtiAR5N-9cCl4z0OdxZD-6nko4J_LrkGdxX5-I7QKQNUMuG04Rd7KXuXSZ0Rmen0w_aem_v2-NioaJfRYTnli8JeutPA\" target=\"_blank\" rel=\"nofollow noopener\" data-ylk=\"slk:wrote in its blog;elm:context_link;itc:0;sec:content-canvas\" data-rapid_p=\"14\" data-v9y=\"1\">wrote in its blog<\/a>.<\/p>\n<p class=\"mb-4 text-lg md:leading-8 break-words\">&#8220;Unlike direct prompt injections, where an attacker directly inputs malicious commands into a prompt, indirect prompt injections involve hidden malicious instructions within external data sources. These may include emails, documents, or calendar invites that instruct AI to exfiltrate user data or execute other rogue actions,&#8221; the blog post continued.<\/p>\n<p class=\"mb-4 text-lg md:leading-8 break-words\">The Google blog post warned that this puts individuals and entities at risk.<\/p>\n<p class=\"mb-4 text-lg md:leading-8 break-words\">&#8220;As more governments, businesses, and individuals adopt generative AI to get more done, this subtle yet potentially potent attack becomes increasingly pertinent across the industry, demanding immediate attention and robust security measures,&#8221; the blog post continued.<\/p>\n<h2 id=\"mcetoc_1j2skaftt2\">New Gmail Security Alert For All 2.5 Billion Users \u2014 Steps To Take Now<\/h2>\n<p><em>This story, originally published on August 11, has been updated with additional mitigation advice following the new wave of Gmail security alerts as users warn of a hybrid attack employing email and phone calls in an attempt at account takeover.<\/em><\/p>\n<p>Google has already admitted that it is\u00a0under attack from hackers\u00a0thought to be part of the ShinyHunters extortion group, confirming a data breach that followed a successful compromise of a Google Salesforce database. Users of Google Cloud do not escape the security warnings either, with an advisory posting providing details of an attack path using what are known as\u00a0dangling buckets\u00a0to steal data and distribute malware. Gmail users cannot relax either, as they are also firmly in the hacker crosshairs.<\/p>\n<p>This triad of cybersecurity incidents is completed as Gmail users take to online support forums to report a wave of new attacks. This time, the attackers are adopting a hybrid approach that includes phone calls and email messages, all purporting to be from official Google support staff. As convincing as they are dangerous, here\u2019s what 2.5 billion Gmail users need to know and do about the security scams.<\/p>\n<h2 id=\"mcetoc_1j2skaftt3\" class=\"mb-4 text-xl font-bold md:text-2xl\">Expert Explains The Threat<\/h2>\n<p class=\"mb-4 text-lg md:leading-8 break-words\">During a recent interview with The Daily Record, tech expert Scott Polderman opened up a bit about the threat, explaining that a scam involves the use of another Google product, Gemini, an AI assistant known as a chatbot.<\/p>\n<p>&#8220;So hackers have figured out a way to use Gemini &#8211; Google&#8217;s own AI &#8211; against itself,&#8221; Polderman told\u00a0<a class=\"link \" href=\"https:\/\/www.dailyrecord.co.uk\/news\/science-technology\/everyone-gmail-account-issued-red-35605938\" target=\"_blank\" rel=\"nofollow noopener\" data-ylk=\"slk:The Daily Record;elm:context_link;itc:0;sec:content-canvas\" data-rapid_p=\"15\" data-v9y=\"1\">The Daily Record<\/a>. &#8220;Essentially, hackers are sending an email with a hidden message to Gemini to reveal your passwords without you even realizing.&#8221;<\/p>\n<p class=\"mb-4 text-lg md:leading-8 break-words\">&#8220;These hidden instructions are getting AI to work against itself and have you reveal your login and password information,&#8221; he continued.<\/p>\n<p class=\"mb-4 text-lg md:leading-8 break-words\">Polderman explained why people are particularly susceptible to the threat.<\/p>\n<p class=\"mb-4 text-lg md:leading-8 break-words\">&#8220;There is no link that you have to click [to activate the scam],&#8221; Polderman said. &#8220;It&#8217;s Gemini popping up and letting you know you are at risk.&#8221;<\/p>\n<h2 id=\"mcetoc_1j2skaftt4\" class=\"subhead-embed\">Gmail Security Alert For All 2.5 Billion Users<\/h2>\n<p>With an estimated 2.5 billion users, or around 30% of the world\u2019s total population, it\u2019s hardly surprising that cybercriminals are interested in hacking Gmail. After all, your email is a treasure trove of useful data that can be employed in further attacks. All email platforms are vulnerable to hacking, but Gmail, like Microsoft Windows, stands out due to its massive user base.<\/p>\n<p><a href=\"https:\/\/ssstt.app\/news\/google-issues-a-warning-to-all-1-8-billion-gmail-users\/\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-large\" src=\"https:\/\/i.pinimg.com\/1200x\/67\/bb\/e1\/67bbe1e46d6e9bc22ca7023ba0427bf2.jpg\" alt=\"Google Issues a Warning to All 1.8 Billion Gmail users \" width=\"1200\" height=\"675\" \/><\/a><\/p>\n<p>The latest round of attack warnings comes courtesy of postings to the\u00a0<a class=\"color-link\" href=\"https:\/\/www.reddit.com\/r\/GMail\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" data-ga-track=\"ExternalLink:https:\/\/www.reddit.com\/r\/GMail\/\" aria-label=\"Gmail subreddit\">Gmail subreddit<\/a>, which describe in detail how scammers are impersonating Google in attempts to initiate an account password reset and take over your email inbox. I have\u00a0<a class=\"color-link\" href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/10\/13\/new-gmail-security-alert-for-billions-as-7-day-ai-hack-confirmed\/\" target=\"_self\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/10\/13\/new-gmail-security-alert-for-billions-as-7-day-ai-hack-confirmed\/\" aria-label=\"reported\" rel=\"noopener\">reported<\/a>\u00a0on such attacks before, and the recent spike appears to follow the same methodology. The victims first receive a phone call from someone claiming to be from Google support, warning them that an unknown party has attempted to hack their Google account. The caller advises that a password reset is required to stop the so-called attack and protect the user from harm.<\/p>\n<p>This is where the second part of the hybrid scheme comes into play, sending an account reset email to the user. The con itself is a simple one: that password reset email to your Gmail account includes a security verification code to prove it\u2019s you trying to change the password. The attacker encourages the victim to read the code out over the telephone so that \u201cGoogle support\u201d can reset the victim\u2019s account and protect them from the consequences of the \u201congoing attack.\u201d Of course, all they are really doing is hacking your account in real time, while on the phone with you.<\/p>\n<h2 id=\"mcetoc_1j2skaftt5\" class=\"mb-4 text-xl font-bold md:text-2xl\">Google Rolls Out New Security Measures<\/h2>\n<p class=\"mb-4 text-lg md:leading-8 break-words\">The good news is that Google is already moving forward with some new security measures to help keep its users safe from these threats.<\/p>\n<p class=\"mb-4 text-lg md:leading-8 break-words\">&#8220;Google has taken a layered security approach introducing security measures designed for each stage of the prompt lifecycle. From Gemini 2.5 model hardening, to purpose-built machine learning (ML) models detecting malicious instructions, to system-level safeguards, we are meaningfully elevating the difficulty, expense, and complexity faced by an attacker,&#8221; Google wrote in its blog.<\/p>\n<p class=\"mb-4 text-lg md:leading-8 break-words\">&#8220;This approach compels adversaries to resort to methods that are either more easily identified or demand greater resources.&#8221;<\/p>\n<p>Google itself has said that the number of password-stealing threats delivered by email\u00a0increased by 84%\u00a0last year, a trend that it confirmed has \u201conly intensified in 2025.\u201d<\/p>\n<h2 id=\"mcetoc_1j2skaftt6\" class=\"subhead-embed\">Mitigating The Latest Gmail Account Attacks<\/h2>\n<p>Google has published a\u00a0<a class=\"color-link\" href=\"https:\/\/guidebooks.google.com\/online-security\/account-hacked\/verify-security-alert\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" data-ga-track=\"ExternalLink:https:\/\/guidebooks.google.com\/online-security\/account-hacked\/verify-security-alert\" aria-label=\"helpful guide\">helpful guide<\/a>\u00a0with advice on how to tell if a Google security alert is genuine, but users are also advised to implement the following three account\u00a0attack mitigation steps\u00a0as a matter of some urgency.<\/p>\n<p><a href=\"https:\/\/ssstt.app\/news\/google-issues-a-warning-to-all-1-8-billion-gmail-users\/\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-large\" src=\"https:\/\/i.pinimg.com\/1200x\/f7\/e5\/88\/f7e5883ea34492e55c7810c188bac33b.jpg\" alt=\"Google Issues a Warning to All 1.8 Billion Gmail users \" width=\"1200\" height=\"675\" \/><\/a><\/p>\n<p>The Google Security Checkup is, in my never humble opinion, the most efficient and effective way to ensure that the right security protections are in place to defend your account. It does this by checking what you have activated, and advising about issues that could leave you at risk. It is a fully automatic process, at least as far as checking your account is concerned, but you will need to follow the provided links to change settings as recommended.<\/p>\n<p>Google\u2019s Advanced Protection Program ensures that additional checks are made to help prevent even the most determined hackers from gaining access to your Gmail account. Checks such as blocking potential harmful downloads, restricting non-Google apps from accessing data from your Gmail account, and imposing additional steps into the account recovery process to prevent sophisticated attackers to stop hackers taking control.<\/p>\n<p>And finally, using a Google passkey really can stop most account takeover attacks stone dead. \u201cGoogle research has shown that security keys provide a stronger protection against automated bots, bulk phishing attacks, and targeted attacks than SMS, app-based one-time passwords, and other forms of traditional two-factor authentication,\u201d a Google spokesperson<\/p>\n<ul>\n<li>\n<h2 id=\"mcetoc_1j2skaftt7\"><strong><a href=\"https:\/\/ssstt.app\/news\/is-gmail-down-gmail-warning-today\/\"><mark>Gmail warning today<\/mark><\/a><a href=\"https:\/\/www.google.com\/search?ved=1t:260882&amp;q=gmail+warning+today&amp;bbid=7250413551824918120&amp;bpid=8335346273504868849\" target=\"_blank\" rel=\"noopener\">.<\/a><\/strong><\/h2>\n<\/li>\n<\/ul>\n<p>Gmail is available worldwide. Less than 3 issues were reported in the last hour. Stay informed about the latest Gmail outages (up or down) and service disruptions with our up-to-date community-based monitoring tool.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-large wp-image-162\" src=\"https:\/\/ssstt.app\/news\/wp-content\/uploads\/2025\/08\/gmail-warning-today-1024x559.png\" alt=\"gmail warning today\" width=\"1024\" height=\"559\" srcset=\"https:\/\/ssstt.app\/news\/wp-content\/uploads\/2025\/08\/gmail-warning-today-1024x559.png 1024w, https:\/\/ssstt.app\/news\/wp-content\/uploads\/2025\/08\/gmail-warning-today-300x164.png 300w, https:\/\/ssstt.app\/news\/wp-content\/uploads\/2025\/08\/gmail-warning-today-768x419.png 768w, https:\/\/ssstt.app\/news\/wp-content\/uploads\/2025\/08\/gmail-warning-today-512x280.png 512w, https:\/\/ssstt.app\/news\/wp-content\/uploads\/2025\/08\/gmail-warning-today-920x502.png 920w, https:\/\/ssstt.app\/news\/wp-content\/uploads\/2025\/08\/gmail-warning-today.png 1463w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<ul>\n<li>\n<h2><a href=\"https:\/\/ssstt.app\/news\/critical-security-alert-google\/\"><mark>Critical security alert Google<\/mark><\/a><a href=\"https:\/\/www.google.com\/search?ved=1t:260882&amp;q=critical+security+alert+google&amp;bbid=7250413551824918120&amp;bpid=8335346273504868849\" target=\"_blank\" rel=\"noopener\">.<\/a><\/h2>\n<\/li>\n<\/ul>\n<p><strong>Critical security alert Google<\/strong>? Yes, it&#8217;s a useful security feature that intends to warn you about suspicious activity on your account. However, hackers can abuse it and launch phishing attacks against users to get their personal information.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-177\" src=\"https:\/\/ssstt.app\/news\/wp-content\/uploads\/2025\/08\/ggoogle.png\" alt=\"\" width=\"640\" height=\"272\" srcset=\"https:\/\/ssstt.app\/news\/wp-content\/uploads\/2025\/08\/ggoogle.png 640w, https:\/\/ssstt.app\/news\/wp-content\/uploads\/2025\/08\/ggoogle-300x128.png 300w, https:\/\/ssstt.app\/news\/wp-content\/uploads\/2025\/08\/ggoogle-512x218.png 512w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/p>\n<ul>\n<li><mark><a href=\"https:\/\/ssstt.app\/news\/google-issues-a-warning-to-all-1-8-billion-gmail-users\/\">Gmail security warning cyber threats<\/a><\/mark><\/li>\n<li><mark><a href=\"https:\/\/ssstt.app\/news\/google-issues-a-warning-to-all-1-8-billion-gmail-users\/\">Google report phishing<\/a><\/mark><\/li>\n<li><mark><a href=\"https:\/\/ssstt.app\/news\/google-issues-a-warning-to-all-1-8-billion-gmail-users\/\">Google Calendar hacked<\/a><\/mark><\/li>\n<li><mark><a href=\"https:\/\/ssstt.app\/news\/google-issues-a-warning-to-all-1-8-billion-gmail-users\/\">Is Google Calendar safe<\/a><\/mark><\/li>\n<li><mark><a href=\"https:\/\/ssstt.app\/news\/google-issues-a-warning-to-all-1-8-billion-gmail-users\/\">Google Cloud Next news<\/a><\/mark><\/li>\n<li><mark><a href=\"https:\/\/ssstt.app\/news\/google-issues-a-warning-to-all-1-8-billion-gmail-users\/\">Gmail phishing links<\/a><\/mark><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"Google has 1.8 billion Gmail users worldwide, and the company recently issued a major warning to all of&hellip;","protected":false},"author":1,"featured_media":157,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"csco_display_header_overlay":false,"csco_singular_sidebar":"","csco_page_header_type":"","footnotes":""},"categories":[5],"tags":[34,33],"class_list":["post-156","post","type-post","status-publish","format-standard","has-post-thumbnail","category-google","tag-gmail","tag-google","cs-entry"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/ssstt.app\/news\/wp-json\/wp\/v2\/posts\/156","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ssstt.app\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ssstt.app\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ssstt.app\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ssstt.app\/news\/wp-json\/wp\/v2\/comments?post=156"}],"version-history":[{"count":15,"href":"https:\/\/ssstt.app\/news\/wp-json\/wp\/v2\/posts\/156\/revisions"}],"predecessor-version":[{"id":183,"href":"https:\/\/ssstt.app\/news\/wp-json\/wp\/v2\/posts\/156\/revisions\/183"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ssstt.app\/news\/wp-json\/wp\/v2\/media\/157"}],"wp:attachment":[{"href":"https:\/\/ssstt.app\/news\/wp-json\/wp\/v2\/media?parent=156"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ssstt.app\/news\/wp-json\/wp\/v2\/categories?post=156"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ssstt.app\/news\/wp-json\/wp\/v2\/tags?post=156"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}