Has Phishing Attack Struck Google's Gmail?

Looks like a phishing attack has struck Google's mailing service Gmail. A phishing mail masked as an official mail from the Gmail Team asks users to update their account details for security reasons, reported The Times of India. These details included account name, password, occupation, birth date and country of residence. The note also stated that those who would not update their details within 7 days of receiving the warning, would lose their account permanently.


Hackers steal the user login credentials of those who fall for this and then scan the mail account for banking details. Just to be clear, Google had made the HTTPS access default for the Gmail users for security of the mail.

On this, a Google spokesperson responded, "Some spammers send fraudulent mass-messages designed to collect personal information, called 'spoofing' or 'password phishing'. We always advise our users to be wary of any message that asks for your personal information, or messages that refer you to a webpage asking for personal information. Google or Gmail does not send unsolicited mass messages asking for passwords or personal information; even if the message asking for it claims to be from us, please don't believe it." More information about mails asking to update personal information can be found here.

Google can't do much about curious users who click on phishing mails and end up sharing personal credentials to hackers. For rest, Google has introduced default secured access to Gmail and also good spam filters. Do note that Gmail asks only once for your personal details at the time of registration.