Phishing attacks are growing more sophisticated, particularly a new Google spoofing scheme that mimics legitimate Gmail messages. Ethereal Name Service developer Nick Johnson disclosed his experience with a phishing scheme that presented itself as a law enforcement subpoena aimed at retrieving user information. He warned that the scheme leverages a vulnerability within Google's infrastructure, using Google Sites to appear legitimate. The attack highlights the importance of user awareness in recognizing such threats, as scammers use contextual clues and familiar domain names to deceive users.
Recently I was targeted by an extremely sophisticated phishing attack, and I want to highlight it here. It exploits a vulnerability in Google's infrastructure.
This notice is to alert you that a subpoena was issued to Google LLC by a law enforcement that seeks retrieval of information contained in your Google account.
Because they know people will see the domain is http://google.com and assume it's legit, the cyberspoofers also used Google Sites.
The email originated from an official no-reply on Google's domain and was filed in the same conversation as other, legitimate security alerts.
Collection
[
|
...
]