Since 2012, we’ve warned our users if we believe their Google accounts are being targeted by government-backed attackers.
We send these out of an abundance of caution — the notice does not necessarily mean that the account has been compromised or that there is a widespread attack. Rather, the notice reflects our assessment that a government-backed attacker has likely attempted to access the user’s account or computer through phishing or malware, for example. You can read more about these warnings here.
Security has always been a top priority for us. Robust, automated protections help prevent scammers from signing into your Google account, Gmail always uses an encrypted connection when you receive or send email, we filter more than 99.9% of spam — a common source of phishing messages — from Gmail, and we show users when messages are from an unverified or unencrypted source.
An extremely small fraction of users will ever see one of these warnings, but if you receive this warning from us, it's important to take action on it. You can always take a two-minute Security Checkup, and for maximum protection from phishing, enable two-step verification with a Security Key.