A new security warning has been issued for users of email services, specifically targeting Google and Gmail accounts. Despite these platforms being known for their robust security features like advanced spam filtering and multi-factor authentication, recent reports confirm that Russian hackers have managed to circumvent some of Google’s security protocols, leaving certain accounts vulnerable to attacks.

Security researchers at Google Threat Intelligence Group have identified this threat, noting that targeted attacks have already occurred. The method used by the hackers involves exploiting older devices that cannot handle the additional security verification steps required by Google accounts, such as two-factor authentication. These cybercriminals have been able to compromise accounts by targeting users with phishing tactics and stealing app passwords, which bypass the usual verification process.

According to experts at Malwarebytes, the attackers have specifically targeted academics and critics of Russia by posing as State Department representatives to gain access to Google accounts. While this attack was highly targeted, it serves as a warning that the general public could also be at risk of similar tactics.

To mitigate the threat, security experts recommend the following precautions:

1. Limit the use of app passwords and switch to more secure sign-in methods when possible.
2. Opt for stronger multi-factor authentication methods like authenticator apps or hardware security keys.
3. Educate yourself and others on recognizing phishing attempts to prevent credential theft.
4. Keep your operating system and apps updated to patch vulnerabilities.
5. Monitor login activities for any suspicious behavior and restrict access from unfamiliar locations.
6. Utilize security software to block malicious domains and detect scams.

By following these guidelines, users can enhance their online security and protect themselves from potential cyber threats.