How to spot if your Gmail account is under attack as Google issues warning

If it feels like cyber attacks are becoming more common place, that's because they are, and the attacks are becoming more and more sophisticated.

So much so that Google, Microsoft and Apple users are being used to secure their accounts by changing passwords, removing SMS two-factor authentication and instead adding passkeys.

The reason for binning the popular protection of SMS two-factor authentication comes down to the fact that hackers are able to trigger automated security messages from companies like Gmail, at the same time as calling the victim pretending to be from Gmail's customer support team.

This issue was recently brought to light when a Reddit user questioned whether a hacker is able to 'send Google Security Prompts directly to my phone?'

Of course, anyone can trigger one of these messages, as long as they know your email address, which is why security alerts always urge you to ignore them unless you requested it yourself as it's a sure sign someone else is trying to access your account.

Phishing scams are becoming more sophisticated (Getty Stock Images)

In this situation, however, the attempted hack was much more sophisticated. The victim received a phone call from 'Google Security Team' and requested a callback.

"The person on the other side was a 'Google' employee. She spoke very professionally and I confirmed that I didn't attempt to change the primary phone number," they wrote. "She mentioned that the system placed a 'temporary lock' on my email due to the attempt, and we need to recover it."

The Reddit user was temporarily convinced the call was legit because the email they received came from a Google.com email address. However, as soon as the caller asked them to read their security code out over the phone, they knew it was actually a phishing scam.

But how to tell if you're being targeted as part of such an attack? Well, according to Google, the answer is relatively simple, with a representative telling Forbes: "Please reiterate to your readers, that Google will not call you to reset your password or troubleshoot account issues."

The most important thing to know is Google and Apple will never call you (Getty Stock Images)

This point is echoed by Apple, which warns: "If you get an unsolicited or suspicious phone call from someone claiming to be from Apple or Apple Support, just hang up."

And, as mentioned earlier, if you get an unexpected security prompt, it will usually be because someone else has triggered it, meaning you should ignore it and absolutely not initiate any account recovery processes.