Dagens.com
Homepage Technology FBI issues urgent warning over Gmail cookie-theft scam

FBI issues urgent warning over Gmail cookie-theft scam

Asger Risom Asger Risom
Smartphone,gmail,breach,hack,scam,login,code
Sadi-Santos / Shutterstock.com

The FBI has issued an urgent alert to Gmail users following a surge in cyberattacks.

Others are reading now

The FBI has issued an urgent alert to Gmail users following a surge in cyberattacks that exploit a newly discovered vulnerability allowing hackers to steal login cookies and bypass two-factor authentication.

A growing global target

With more than 1.8 billion users worldwide, Gmail has become one of the most widely used email services — and a prime target for cybercriminals. According to the FBI, hackers are increasingly using sophisticated cookie-theft attacks to gain access to users’ Google accounts and everything linked to them, from social media and online platforms to banking details, as reported by elEconomista.

The agency’s cybersecurity division warned that attackers are taking advantage of a vulnerability in session cookies — the small data files that keep users logged in so they don’t have to re-enter passwords each time. By replicating these cookies, criminals can gain full access to accounts without needing passwords or authentication codes.

How the scam works

Most attacks begin when victims click on a malicious link or visit a fake website that downloads malware to their device. Once installed, the malware harvests stored cookies, allowing hackers to impersonate the user on Gmail and other connected services.

In practical terms, anyone who has ever selected “Remember this device” during login could be at risk, as attackers can reuse those stored sessions to bypass security checks.

Also read

Cybersecurity experts say this method is particularly dangerous because it can sidestep even the strongest authentication protections, giving criminals near-complete access to personal and financial information.

How to protect your account

The FBI recommends several key steps to reduce the risk of cookie-theft attacks:

  • Regularly clear cookies and browsing data from your internet browser.
  • Avoid using the “Remember this device” option when logging into accounts.
  • Only access secure websites that begin with HTTPS.
  • Review your account’s login activity frequently for suspicious access.

Google has acknowledged the threat and says it is working on new security measures to protect users. The company described cookie theft as a “growing problem across the web” and confirmed that attackers are increasingly targeting session cookies due to their high value on the dark market.

Authorities emphasize that awareness remains the best defense. Users who notice unfamiliar logins or device activity should immediately change their passwords, revoke old sessions, and enable Google’s security checkup tools.

Sources: FBI, Google, elEconomista.es, Demandsage

Also read

This article is made and published by Asger Risom, who may have used AI in the preparation

Ads by MGDK