Urgent warning issued to 1,800,000,000 Gmail users following ‘sophisticated’ password hack

An urgent warning has been issued to a whopping 1.8 billion Gmail users following a ‘sophisticated’ password hack.

Users are being urged to take extra steps make sure their accounts are secure.

This is after there were widespread attempts by hackers to gain access to Google accounts.

The scammers have been targeting Gmail users with phishing emails, which is an email that may appear legitimate at first glance because the hacker will disguise it as being from a trustworthy source.

They will usually include a link that the email will direct you to follow but, by doing so, you could lose access to your account.

A series of cyber attacks have been targeted towards Gmail users recently (seksan Mongkhonkhamsao/Getty Images)

Once they are in your account, these criminals will try to find sensitive information such as banking details.

Google is warning its users of this scam and is encouraging people to make sure they set up a recovery phone number or alternative email address that they can use to verify their identity if they get locked out.

This alert comes after a ‘‘sophisticated’ hack was found by developer Nick Johnson.

Johnson made Google aware of the issue after he posted what the phishing email looked like.

Scammers are becoming so efficient that the emails appear scarily legitimate, with the link even directing users to a duplicate of a Google help page.

However, it’s not all bad news because there are things you can do to make sure your email account is more secure.

First up, enable two-factor authentication which makes it harder for criminals to log into your account when they have your password.

There are steps you can take to make sure your email account is cyber secure (Mateusz Slodkowski/SOPA Images/LightRocket via Getty Images)

This feature will link your account to a device, such as your phone, and will ask for a password that is sent to your device before logging you in.

This means that if your password gets into the wrong hands, they won’t be able to gain access unless they have that unique passcode on your device.

Google also reminded its users that it will never ask them for account credentials when emailing and it will not call you.

Speaking to Metro, a spokesperson for Google said: “We’re aware of this class of targeted attack from this threat actor and have rolled out protections to shut down this avenue for abuse.

“In the meantime, we encourage users to adopt two-factor authentication and passkeys, which provide strong protection against these kinds of phishing campaigns.”

If you’re worried about your own cybersecurity, head to the settings of your email account to make sure it’s secure.