Cybersecurity experts have issued a warning to Gmail users about a new wave of deceptive phishing emails being sent from addresses that appear to belong to Google, but in reality, do not.
These emails often come from addresses that look legitimate, such as “noreply@gmail.com” or “security.alerts@gmail.com”, but a deeper look reveals they originate from malicious external domains.
The messages are crafted to trick users into clicking on suspicious links or sharing sensitive personal and financial information.
Tactics include fake security alerts, password reset requests, or warnings about unusual account activity.
Experts note that these phishing emails are highly sophisticated, often replicating Gmail’s visual design, including official logos, formatting, and familiar signatures—making them difficult to detect at a glance.
Users are strongly advised to:
Avoid clicking any links within suspicious messages.
Always verify the sender’s full email address.
Never enter personal details or passwords via unknown links.
Enable two-factor authentication for added security.
Google emphasized that it never asks users for passwords or payment information via email.
Users are encouraged to report phishing emails directly using the “Report phishing” option in Gmail to help prevent the spread of these scams.
Also Read: 34.1 Million Social Media Users in Saudi Arabia: A Digital Leap in 2025
