Red alert for everyone with Gmail: From now on, you are required to follow these six rules.

The rise of cybercrime has made the vast majority of users aware of the dangers and threats that exist online, many of which reach us through email. Gmail, being the most popular service in the world, has worked hard to detect these messages and filter them to eliminate them before they reach users.

However, some continue to arrive because they are so well designed that systems fail to detect them. Although they are not the majority, some attacks continue to occur. According to Google's Threat Intelligence Group, one threat in particular has multiplied in recent weeks.

The problem is that it's able to bypass Gmail's multi-factor authentication , meaning cybercriminals could gain full access to accounts without the owner ever knowing anything was wrong.

Google accounts are generally very secure, as users must use multiple methods to access services like Gmail. These methods often include two-factor authentication, which sends a message to a second device before the login is granted.

But it seems Russian cybercriminals have found a way to target older phones and other devices that can't perform this additional verification step . In these cases, Google offers something called app passwords , which are special 16-digit codes meant to keep less modern devices secure.

However, because app passwords bypass the second verification step, hackers can more easily steal or impersonate them . "The attackers initially established contact by posing as a State Department representative, inviting the target to a consultation within a private online conversation," Malwarebytes explained.

While this threat has so far focused on a specific group of users, that doesn't mean the general public can't be next. Therefore, cybersecurity experts have explained how you can protect yourself by following six rules.

1. Use app passwords only when absolutely necessary. If you have the opportunity to switch to apps and devices that support more secure login methods, do so.
2. Enable multi-factor authentication, use apps like Google Authenticator, which are more secure than SMS confirmation.
3. Learn about new threats so you know when they arise.
4. Review your accounts regularly for unknown access or suspicious activity on your account.
5. Update your device whenever a new version is available.
6. It never hurts to install extra security software.