Warning! There is a new - and very clever - Gmail Password Reset scam circulating.
The scam works by asking that you send - by text - a 6-digit password reset code that you have received from Gmail, claiming that this code will stop a password reset that is being attempted. However, that code is actually doing just the opposite - giving access to an unauthorized user.
This scam requires that the hacker have both your Gmail address and your mobile phone number. This is important to note because the fact that someone has both pieces of information can reinforce the idea that the request is legitimate.
One Gmail user who reported the scam posted this screen shot of the text exchange:
While we haven't yet seen any widespread reports of this particular scam, forewarned is forearmed.
Best practice if you ever receive any unsolicited requests to provide account information is to contact the service provider directly. If you want to log into an account such as Gmail to check on anything, be sure to do so from a clean browser window and not from a link provided to you in an email or a text message.
Remember to always be cautious about unsolicited emails and text messages, and be on the lookout for the common red flags of a phishing campaign.