Google has issued a warning for its 2.5 billion Gmail users worldwide, urging them to change their passwords and enabling two-phase verification (2SV) as hackers ramped their attacks. The alert comes after an increase in successful break-in, many of which are associated with the notorious hacking collective shinniers. The group, whose name is inspired by the Pokémon franchise, is active since 2020 and is believed to have many high-profile data violations, including AT&T, Microsoft, Santnder and Ticketmaster, which is according to the Silev.com.

The favorite strategy of shinyhunters is fishing: Sending carefully prepared emails that trick the person receiving in clicking on bogus login pages or handing over sensitive details including safety code. While most of the stolen data were publicly available in this recent campaign, Google has warned that group techniques can grow in more targeted and harmful attacks.

In a June blog post, the company said, “We believe that the danger actors using the ‘Shinyhunters’ brand may be prepared to increase their forced recovery strategy by launching data leak site (DLS).”

A few weeks later, on 8 August, Google emailed the potentially affected Gmail users, advising them to pursue their account security without any delay. Two-phase verification (also known as two-factor authentication or multi-factor authentication) adds an additional lock to your digital front door. Even if criminals manage to catch your password, they will still need a secondary code, which is usually sent to a reliable device to get admission.

This small step can create all differences. According to the Mirror US report, the UK action fraud highlighted the importance of enabling 2SV, “secure your email account by enabling 2-step verification (2SV). It can prevent criminals from entering your accounts, even if they have your password.”

The official stop think fraud website echoed the message that reminds users how easy it is to switch to the convenience: “2SV turning your most important accounts of an additional level of protection, especially your email. It can be started in terms of minutes – time can be spent to cheat well.”

It also stated that the option is widely available. “2SVs can usually be found in your account safety settings. Sometimes it is called 2-factor authentication (2FA) or multi-factor authentication (MFA). 2SV is available for most major online services, such as emails, banking and social media.”

Google’s warning is not only for those who were targeted. Serving as the entrance to banking, shopping and social media login with email accounts, an agreement made Gmail can open the door for huge problems.

The message is clear, do not wait until you are hacked. Change your password, turn 2SV, and place the fraudsters in the Gulf.