X

That Supposed 'Gmail Hack': Google Says It's False, but Watch Out for Phishing Anyway

No, Google didn't send out a major warning, but it's always good to keep your data secure.

Headshot of Gael Cooper
Headshot of Gael Cooper
Gael Cooper
CNET editor Gael Fashingbauer Cooper, a journalist and pop-culture junkie, is co-author of "Whatever Happened to Pudding Pops? The Lost Toys, Tastes and Trends of the '70s and '80s," as well as "The Totally Sweet '90s." She's been a journalist since 1989, working at Mpls.St.Paul Magazine, Twin Cities Sidewalk, the Minneapolis Star Tribune, and NBC News Digital. She's Gen X in birthdate, word and deed. If Marathon candy bars ever come back, she'll be first in line.
Expertise Breaking news, entertainment, lifestyle, travel, food, shopping and deals, product reviews, money and finance, video games, pets, history, books, technology history, and generational studies Credentials
  • Co-author of two Gen X pop-culture encyclopedia for Penguin Books. Won "Headline Writer of the Year"​ award for 2017, 2014 and 2013 from the American Copy Editors Society. Won first place in headline writing from the 2013 Society for Features Journalism.
Gael Cooper
2 min read
person-using-computer-gettyimages-1302430380

Some Gmail users are worried about rumors of a hack.

 Oscar Wong/Getty Images

Gmail is a hugely popular email service, with over 2.5 billion users. So when rumors start to swirl about Gmail problems, people pay attention. On Monday, Google made an unusual statement, formally denying that it had issued a broad warning about a major Gmail security issue.

"Gmail's protections are strong and effective, and claims of a major Gmail security warning are false," the post read. "While it's always the case that phishers are looking for ways to infiltrate inboxes, our protections continue to block more than 99.9% of phishing and malware attempts from reaching users."

It's a bit odd that Google had to deny sending a warning. As a Gmail user, I didn't see any major security warning, even though news outlets reported on it.

Salesforce data was affected in June

Perhaps Gmail users were confusing the nonexistent warning with another one. 

Back in June, Google posted a blog entry about how its Threat Intelligence group is tracking hackers who are impersonating IT support personnel over the phone. The hackers' goal is to trick employees into sharing their credentials so they can steal a company's Salesforce data. (Salesforce is a cloud-based platform that helps businesses manage their customer interactions.) 

On Aug. 5, the post was updated to note that one of Google's own corporate Salesforce instances was affected by this kind of activity.

"Analysis revealed that data was retrieved by the threat actor during a small window of time before the access was cut off," the post read. "The data retrieved by the threat actor was confined to basic and largely publicly available business information, such as business names and contact details."

Emails were sent to those affected by this incident on Aug. 8, so if you didn't receive one, your data wasn't affected.

In late July, Google also posted a warning about the acceleration of phishing attacks and offered some tips on how to protect yourself.

Tighten up your security

While Google didn't send out the massive warning last week that was reported, the Salesforce social-engineering hack is a good reminder that even if your Gmail account seems fine, there are ways to improve your email security.

"Each data breach is a reminder of the importance of good security habits," said Adam Benjamin, CNET managing editor of software and services. "Services like password managers help you set a strong, unique password for each login and minimize the fallout if your information does wind up in the hands of someone else."

A password manager can help you keep your accounts secure without having to memorize dozens of passwords and remember which is for each account. A recent CNET survey revealed that 49% of US adults have risky password habits. CNET has a list of the best password managers and the pros and cons of each.