Alert: A New Phishing Scam Targeting Gmail Users

Phishing Scam Alert: Gmail Users Targeted in Latest Attack

Written by: Supriya Kadu

Edited by: Pinky Deshmukh

Last Updated: April 21, 2025

Summary: A phishing scam from no-reply@google.com is targeting Gmail users and compromising their personal information.

A serious phishing attempt has been detected that targets Gmail users, with emails claiming to be from Google's official address "no-reply@google.com." The scammers trick the users into giving up crucial account information under the pretext of checking suspicious activity.

According to the researchers, the email is similar to a typical Google security alert, notifying users of suspected unauthorized access and pushing them to click a button to "review activity." The link, however, leads to a phishing website that steals your personal information.

They can evade the ordinary security measures increases the risk. According to reports, the email avoids Gmail's standard spam and phishing filters and passes DKIM (DomainKeys Identified Mail) verification. The message, therefore, shows up in the inboxes alongside authentic security alerts.

Security researcher Nick Johnson, who analyzed the scam, stated that the attackers are leveraging a flaw in Google’s email infrastructure to create a sense of trust. “The email is technically legitimate in how it’s sent, which makes it extremely dangerous,” he noted.

Although Google has not yet released a statement to the public, rumors suggest that the firm is aware of the problem and is taking steps to resolve it. Experts are warning Gmail users to be cautious in the interim.

Users are advised not to click on links in unsolicited security emails, even if they appear to come from a trusted source. They should go directly to their account settings on Google's official website or app. Users should use Gmail's "Report phishing" feature to report questionable emails, double-check URLs before clicking, and enable two-factor authentication.

Cybersecurity experts have highlighted the importance of proactive security measures and appropriate knowledge to prevent falling prey to these phishing scams.