The founder and leader of the Ethereum Name Service developer warned his X followers of a “super sophisticated” phishing attack that could indicate Google and deceive users in providingoging credentials.
The exploitation of phishing attacks Google’s infrastructure to send a fake alert to users who inform them that their Google data is shared in law enforcement due to a subpoena, Ens’ Nick Johnson Says In a post on April 16 at X.
“It passes DKIM’s signature check, and Gmail shows it without any warnings – it is even placed in the same conversation as others, legitimate security alerts,” he said.
Number AssaultUsers are offered the opportunity to view case materials or protests by clicking on a support page link, which uses Google sites, a tool that can be used to generate a website on a Google subdomain, according to Johnson.
“From there, maybe, they are reaping your login credentials and using them to compromise your account; I have never walked away to check,” he said.
Google’s domain name gives the impression it’s legitimate, but Johnson says there is still Signed by Telltale this is a phishing scamLike the email passes by a private email address.
Scammers take advantage of Google Systems
In an April 11 report, the software firm EasyDMarc Explained That the phishing scam works by carrying Google sites.
Anyone with a Google account can create a site that looks legitimate and hosted under a trusted Google-owned domain.
They also use the Google Oauth app, where the “Key Trick can you put whatever you want in the app’s name field in Google,” and use a domain by namecheap that allows them to “put a no-reply@account on Google as from the address and the response address can be anything.”
“Finally, they pass the message to their victims. Since DKIM only confirms the message and its headers and not the envelope, the message passes the signature validation and shows as a legitimate message to the user’s inbox – even in the same thread of legitimate security,” Johnson said.
Google that throws countermeasures as soon as possible
In a cointelegraph -speaking, a Google spokesperson said they were aware of the issue and closed the mechanism used by the attacks to enter the “arbitrary length of the text,” which would prevent the method of attacking from future working.
Related: Hackers hide the crypto address-swapping malware in Microsoft Office Add-in Bundles
“We know this class of targeted attacks from the actor’s threat, rockfoils, and rolling protections for the past week. These protections are about to deploy, to close this Avenue for abuse,” the spokesman said.
“Meanwhile, we encourage users to adopt two-factor validation and passkey, which provides strong protection against these types of phishing campaigns.”
The speaker added that Google will not be asked for any private account credentials-including passwords, one-time passwords or push notifications, or call users.
Magazine: Your AI ‘Digital Twin’ can take meetings and entertain your loved ones
