
"The phishing emails were unusually well disguised and satisfied the email authentication methods DMARC and DKIM, making them appear legitimate."
"EasyDMARC believes the attackers accessed an email from no-reply@accounts.google.com that included a valid DKIM signature, then re-sent it using Outlook.com."
EasyDMARC identified a sophisticated phishing campaign that spoofed Google with emails appearing to come from no-reply@accounts.google.com. These emails falsely claimed compliance with a subpoena from law enforcement and linked to a Google Sites URL. The messages looked legitimate because the attack relied on a valid DKIM signature and so satisfied DMARC. By accessing a legitimate email and re-sending it through Microsoft's service, the attackers made their phishing attempts look authentic. The finding serves as a warning to users about these fraudulent approaches.
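A defender-side triage check for the replay pattern described above, added here as an example (it is not code from EasyDMARC or The Register): it flags mail where DKIM passes and aligns with the From domain while the envelope sender that SPF evaluated does not. The sample headers, the relay domain, the selector and the function names are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: headers as a receiving MTA might stamp them. Every value
# except the From address quoted in the article is made up for illustration.
SAMPLE_REPLAYED = """\
Authentication-Results: mx.receiver.example;
 dkim=pass header.d=accounts.google.com header.s=sel1;
 spf=pass smtp.mailfrom=bounce@relay.example;
 dmarc=pass header.from=accounts.google.com
From: no-reply@accounts.google.com
To: user@receiver.example
Subject: Security alert

body
"""
SAMPLE_DIRECT = SAMPLE_REPLAYED.replace("bounce@relay.example", "bounce@accounts.google.com")

def domain_of(value):
    return value.rsplit("@", 1)[-1].strip("<>").lower()

def aligned(a, b):
    """Approximate relaxed alignment (assumption: no Public Suffix List lookup)."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def parse_auth_results(header):
    """Return {method: (result, {property: value})} for one Authentication-Results header."""
    out = {}
    for clause in header.split(";")[1:]:  # the first field is the authserv-id
        m = re.match(r"\s*(\w+)=(\w+)(.*)", clause, re.S)
        if m:
            props = dict(re.findall(r"([\w.]+)=(\S+)", m.group(3)))
            out[m.group(1).lower()] = (m.group(2).lower(), props)
    return out

def replay_suspect(raw):
    """True when DKIM passes aligned with From but the SPF-checked sender is unaligned."""
    msg = message_from_string(raw)
    from_dom = domain_of(parseaddr(msg["From"])[1])
    ar = parse_auth_results(msg.get("Authentication-Results", ""))
    dkim_res, dkim = ar.get("dkim", ("none", {}))
    spf_res, spf = ar.get("spf", ("none", {}))
    dkim_ok = dkim_res == "pass" and aligned(domain_of(dkim.get("header.d", "")), from_dom)
    spf_ok = spf_res == "pass" and aligned(domain_of(spf.get("smtp.mailfrom", "")), from_dom)
    # DMARC passes on DKIM alone, so a signed message re-sent elsewhere has this shape.
    return dkim_ok and not spf_ok
```

Legitimate forwarding and mailing lists produce the same header shape, so a hit is a reason to look closer at the relay path and content, not a verdict.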
Read at The Register