#98 TRENDING IN Opinion 🔥

Hackers Target Gmail Passwords: Google Confirms Users Should Update Security

Opinion

September 02, 2025

In the modern world, hacking and cybersecurity threats are increasingly becoming more common. And the scary part is that even if you've been hacked, you might not realize it for months. Google, one of the biggest tech giants, has confirmed a number of recent security threats, specifically concerning Gmail.

There have been several articles online concerning these threats, so it's important to differentiate between misinformation and the truth. According to Forbes, from the actual data breach at Google itself, it seems only customer and company names were leaked. However, there are many ways in which hackers are targeting Gmail users, and Google has confirmed that there has been an increase in the number of these kinds of attacks.

Image Credit: Mikail Nilov From Pexels

The first kind of attack users are being targeted with is a security warning: a 'suspicious sign in prevented' email. These seem to be from Google itself and claim to encourage users to click on a link or button to sign in to their accounts. This is how they get access to users' passwords and information - and once they have these, they can access your entire account.

Google advises users who come across this kind of email to review security in their Google settings, instead of clicking any kind of link. This is true in general, not just for Google: avoid clicking on links you are sent at all costs, and only click on websites you know you can trust.

A couple of months ago, I accidentally downloaded a virus onto my computer. For a while, I didn't even know I had it—despite having virus protection on my computer—and in the end, I had to fully reset my computer. Thankfully, my computer wasn't that old, so I didn't have many important files on there, but if I had, the process would have been a lot more difficult. Long story short, even if you have antivirus apps downloaded onto your computer, you can still get a virus. It's better to just be cautious and avoid the issue in the first place.

A similar scam hackers use to obtain this information is telephone calls. They pretend to be customer support, but their actual motive is to obtain as much information as possible so they have access to your account.

Image Credit: Matias Mango From Pexels

Google has already been warning users to update security for a while now. And even if you don't use Google, which is unlikely, the security advice they have been giving is relevant to you, too. In a world where technology is part of everyday life, you can't help but secure your online activity. So, here's how Google has said you can update your account security:

Add a Passkey—

This is thought to be a highly secure method for signing in compared to passwords. It's when you use a fingerprint, face scan or screen lock (essentially the same as when you sign into your computer). If you add a passkey to a device and you're asked to use a password on that same device, you should be cautious, as this is likely some kind of phishing or attack. Before working on this article, I had no idea you could even have a passkey for Google accounts. But now that we know Google and other companies are beginning to level up their security, it's our job to ensure we keep ourselves protected online.

Image Credit: Cottonbro studio From Pexels

Two-Factor Authentication (2FA) —

2FA makes it so that additional verification is required when you sign into an account. Typically, you'll have to enter your password, followed by an additional code. These codes can be SMS-based; however, this type of 2FA is thought to be rudimentary, as it can be more easily accessed by attackers.

Instead, you should use more secure forms of 2FA, like trusted authenticator apps (I personally recommend Proton! They're a great company for security and privacy in general). I put off using 2FA for a long time because it seemed like too much effort, but it wasn't that difficult to set up. Plus, the type of 2FA I use has auto-fill, so you don't need to bother checking your phone or anything to complete the process of signing in. If anything, more secure forms of 2FA are actually easier to use than SMS-based 2FA, so why not make the switch?

blue and white logo guessing game

Image Credit: Brett Jordan From Unspalsh

Update Your Passwords —

Finally, you should also make sure you're regularly updating your passwords. Although it might seem unnecessary, especially if you've already added a Passkey, it's important if you want to ensure hackers stay out of your account. Even if you have a Passkey, hackers can still access your account using your password.

Plus, you should make sure your passwords are strong and not repeated across multiple accounts. This way, you can avoid brute force attacks on your passwords and only one of your accounts gets hacked if you do fall victim to an attack. This is something I didn't even realize was an issue before I did research for this article. I figured my passwords were relatively secure, and I didn't need to update them. But then I noticed that I had quite a few passwords that were the same across multiple accounts. If you accidentally give your sign-in to a hacker in the ways mentioned before, this is a good way to avoid giving them permanent access to your account.

Image Credit: Pixabay from Pexels

Overall, online security is highly serious and something everyone should ensure they have. Even if it seems like a lot of additional effort to set up these forms of security, it's worth it if you want to avoid your account being compromised!

Aanya Dau
50k+ pageviews

Aanya Dau is a grade 11 student attending Meadowridge School in Canada. She became interested in journalism after joining her school's newspaper club in grade 8. In her free time, she enjoys reading, writing, and hanging out with friends and family.

Want to submit your own writing? Apply to be a writer for The Teen Magazine here!
Comment