Costa News Spain Breaking News | English News in Spain.
If you use Gmail – and let’s be honest, most of us do – this one is worth your attention. The FBI has alerted the public to a new wave online scams targeting Gmail accounts. This is already catching people all over the world.
Gmail is the most popular email service in everyday life. It’s free, convenient, and gives you access to the whole Google ecosystem: Maps, YouTube, Drive, Android backups – even banking codes sometimes arrive there. Gmail is used by more than 1.8 Billion people worldwide, according to recent statistics. Scammers are attracted to places where there is a large population.
Cybersecurity experts linked to the FBI have now confirmed that criminals are using a new technique capable of getting into Gmail accounts even when two-factor authentication is enabled — something many of us believed was the final line of defence.
The Trick of Stealing Session Cookie
The scam doesn’t start with anything dramatic – just the usual ‘click here’ trap.
It could be a fake delivery note, a link that pretends to come from your bank or a webpage that looks like it came from them. looks legitimate. With just one click, malware is installed in the background.
From there, hackers steal your session cookies – the small files your browser uses to remember that you’re already logged in. Cookies are useful in the real world: they save time by preventing you from having to constantly enter your password. They can also be used by someone to copy the login session. This allows them to gain access directly into Gmail, without having your password and verification code.
This is why this new wave of attacks is so alarming. Even people who follow security advice – strong passwords, authentication apps, login alerts – can still be exposed.
If someone gains access to your Gmail account they can usually reach all of its associated information:
Social media accounts, shopping account, cloud files, and even bank messages.
What can you do now?
The FBI’s advice isn’t dramatic – but it’s practical and immediate:
- Clearing your browser’s cookies regularly is annoying, but it has a lot of benefits.
• Avoid ticking “Remember this device” when logging in
• Stick to secure websites (look for HTTPS)
• Check your Google account’s login history now and then
• Be extra cautious with unexpected links or attachments
The attack will be much more difficult to succeed if you have these small habits.
Google has admitted the problem. Google says that it is working on ways to automatically protect accounts, but acknowledges the fact that cookie theft attacks are becoming increasingly sophisticated and frequent.
What does this mean for Gmail security?
This is not about panic – it’s about awareness.
These scams are successful because they take advantage of people when they’re distracted.
If a message looks rushed, emotional, or ‘urgent’, take a breath before clicking.
You should trust your gut instincts when a website seems “off”.
And if your Gmail ever shows a login from a place you don’t recognise – act immediately.
Often, a single click is all that’s needed. Perhaps pause before clicking this time.
