Google will start showing warnings to users accounts that may have been hijacked or have become targets of phishing or malware.
You can see what this new warning looks like here:
The warning does not necessarily mean that an account has been hijacked. It just means that Google believes the specific user may be a target, of phishing or malware for example, and that he or she should take immediate steps to secure your account.
Google suggests users to create a unique password that has a good mix of capital and lowercase letters, as well punctuation marks and numbers; enable 2-step verification as additional security; and update their browser, operating system, plugins, and document editors. In addition, since attackers often send links to fake sign-in pages to try to steal users' passwords, so users should be careful about where they sign in to Google and look for https://accounts.google.com/ in their browser bar.
"You might ask how we know this activity is state-sponsored," Eric Grosse, VP Security Engineering at Google wrote in a blog post. "We can't go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis - as well as victim reports - strongly suggest the involvement of states or groups that are state-sponsored," he said.