Overview

• Google has identified a limited-scope phishing scam targeting Gmail users through phone calls impersonating Google Support.
• Scammers claim to verify account recovery details but aim to obtain two-factor authentication (2FA) codes to breach accounts.
• Fraudulent calls often appear to originate from genuine Google numbers, adding to their credibility.
• Google emphasizes it will never call users to request passwords or verification codes and advises reporting suspicious calls immediately.
• The company has bolstered security measures, suspended abusive accounts, and urged users to adopt passkeys and stay vigilant.