Google has debunked claims about sending an ‘emergency warning’ to all Gmail users. The tech giant, in a blog post on Tuesday, stated that ‘Gmail’s protections are strong and effective,’ while calling the reports of a major security breach ‘entirely false.’
“We want to reassure our users that Gmail’s protections are strong and effective. Several inaccurate claims surfaced recently that incorrectly stated that we issued a broad warning to all Gmail users about a major Gmail security issue. This is entirely false,” the company wrote in a blog post.
“While it’s always the case that phishers are looking for ways to infiltrate inboxes, our protections continue to block more than 99.9% of phishing and malware attempts from reaching users,” the company added.
While the company did not specifically mention the reports it was referring to, it is clear that the issue was indeed related to multiple reports claiming that a warning had been issued to all 2.5 billion users of Gmail regarding a phishing attack following the recent Salesforce breach.
Google had itself informed about the phishing attack in a blog post in June and later, in an update on August 8, noted that it had completed notifying all users affected by the incident. This seems to have been misconstrued in the reports as an incident of Google sending a warning to all Gmail users.
“Our teams invest heavily, innovate constantly, and communicate clearly about the risks and protections we have in place. It’s crucial that conversation in this space is accurate and factual,” Google cautioned in its blog post.
Google also took the opportunity to inform users about the need to step away from passwords to alternatives like Passkeys for a more secure experience.
Notably, Passkeys are generally considered safer than passwords because they cannot be guessed, stolen, or reused across websites. Passkeys use a system of private and public keys. Only a public key is stored on the servers, while the private key never leaves the user’s device, which makes them resistant to phishing attacks and data breaches.
