Attackers are sending sophisticated phishing emails disguised as urgent subpoenas from 'no-reply@google.com,' tricking users into revealing personal information. By utilizing Google's 'Sites' app, these scams create realistic emails and links leading to deceptive webpages. The emails bypass normal authentication methods, such as DKIM, because they appear to be sent from Google's own service. Notably, a developer reported this security flaw, which Google initially dismissed but has since recognized and is working to address.
Attackers are exploiting Google's tools to send phishing emails impersonating law enforcement, bypassing authentication measures, and tricking users into revealing their credentials.
Collection
[
|
...
]