Noah Romsdal Hallundbæk Sørensen
A new SMS scam is now targeting Gmail users.
Cybercriminals are changing their tactics to lure Gmail users into traps. Instead of traditional phishing emails, the attacks are now being sent directly to phones as SMS messages.
Warnings about security problems and demands for immediate action can cause recipients to react without thinking.
According to reports, scammers are trying to gain access to users’ login details through fake messages pretending to come from Google.
In the worst case, a single click on a link in the message can give attackers access to a Gmail account.
This is reported by Origo.
A new SMS trap
The scam typically begins with a text message informing the recipient that a security issue has been detected on their Gmail account. The message often claims that someone has attempted to log in and that the user must act immediately.
The SMS contains a link that leads to a website designed to look like Google’s official login page. Here, the user is asked to enter their password or confirm account details.
If the information is entered, scammers can capture the login credentials and in some cases attempt to bypass two‑factor authentication.
Why it works
SMS-based attacks can be more effective than traditional phishing emails. Many people perceive messages on their phones as more personal and trustworthy.
At the same time, a phone number may appear less suspicious than an unfamiliar email address.
The messages are also written with a sense of urgency, often claiming that the account could be locked if the recipient does not act immediately.
Signs of a scam
There are several common warning signs that can reveal fraudulent messages.
A threatening or pressuring tone demanding immediate action is often a red flag.
Suspicious or shortened links that do not clearly lead to an official Google page should also raise suspicion.
Finally, legitimate services rarely ask for passwords or security codes directly through a link in an SMS.
How to protect yourself
Security experts recommend never clicking links in SMS messages about account security. If you are unsure, you should instead open Gmail through your browser and check your account there.
It is also important to regularly review your account’s security settings. Two‑factor authentication and a strong, unique password can reduce the risk of misuse.
If you have already clicked a suspicious link and entered information, you should immediately change your password and check the account for unknown logins or changes to recovery information.
A growing threat
Online scams are constantly evolving, and new methods appear all the time. SMS‑based phishing shows how criminals adapt to users’ digital habits.
The best protection remains awareness. By verifying information through official channels and avoiding panic reactions, users can often prevent their accounts from being compromised.
