- Fake Gmail alerts trick users into revealing passwords.
- Scammers use fake Google sign-in warnings to steal data.
- Clicking links can download malware, giving hackers phone control.
If you have received a warning on your phone saying your Gmail account has been compromised, stop before you click anything. Google has confirmed that cybercriminals are sending fake “suspicious sign-in prevented” alerts to Gmail users, designed to look exactly like official Google notifications.
The goal is simple: trick you into clicking a link that opens a fake Google webpage, stealing your password and phone number. With 1.8 billion Gmail users worldwide, the threat is massive.
How This Scam Is Fooling Gmail Users Around The World
The alarm was raised in February when a Reddit user reported receiving a message from what appeared to be “Gmail from Google,” claiming their account was compromised.
“Previously, there were several emails informing me that there were ‘sign-on attempts’ from a few IP addresses located in Venezuela, Bangladesh, etc,” the Gmail user posted.
The user panicked and clicked the link. “Normally, I would recognise this as phishing, but it had never happened on the phone before, and I clicked on the link, ‘signing on,’ which gave the scammer my Gmail password,” they admitted.
Google acknowledged the threat, warning: “Always be wary of messages that ask for personal information like usernames, passwords, or other identification information, or send you to unfamiliar websites asking for this information.” Google confirmed in August 2025 that hackers had been stepping up attacks on Gmail globally.
What Happens To Your Phone If Yu Click The Link
Once you open the malicious link, particularly on Android devices, malware disguised as a “Google security check” can be downloaded, giving hackers complete control over your phone, including remote access and data theft.
Google recommends going directly to your Google Account, navigating to Security, reviewing “Recent security events,” and securing your account immediately without clicking any link in the warning message. Experts also strongly urge enabling two-factor authentication.
“2FA can be annoying or cumbersome at times, but with it on, you should be fine from now on. Faith in the Authenticator app!” one Reddit user advised.
