British newspaper the Daily Mail has issued an urgent warning to the millions of users of the Gmail email service around the world in light of an escalation in malicious electronic attacks, following a new wave of scams via text messages (SMS) aimed at stealing passwords and taking full control of accounts.
According to a recent report published by the newspaper, users received what appeared to be a completely official text message from Gmail by Google warning that their accounts were subject to hacking attempts and suspicious logins from foreign IP addresses.
The message contains a direct link titled “Recover your account” and urges users to click it immediately to secure their account, but here lies the real danger. Once the link is clicked, the victim is redirected to a carefully designed fake page that looks like Google’s official page, where they are asked to enter a password, which allows the scammer to quickly take over their account.
In a more dangerous move, after taking control of the email, an attacker could use the phone number associated with the account to transfer a two-factor authentication code if via SMS, or perform a “SIM swap” attack to take control of the number itself.
From 2025 to early 2026, there was a noticeable increase in “phishing” attacks via mobile phones that took advantage of users’ trust in text messages compared to traditional email. This is partly due to the fact that many users still rely on two-factor authentication via text message, despite Google’s repeated warnings about vulnerability to SIM swap attacks.
The proliferation of large-scale database breaches is also contributing to the ability of cybercriminals to obtain phone numbers and email addresses.
Cybersecurity experts have confirmed that this type of attack relies heavily on “social engineering.” This is because they exploit users’ immediate fear of losing their accounts and encourage them to act quickly without careful consideration.
