You may be used to learning about recent phishing and scam attacks from this account, so today I am posting about a very strange and dangerous new scam that I saw!
What would you do if Google sent you an email and, after your first checks, you considered it valid?
I saw this post on X, so I am sharing it with all of you as a reminder.
We can never, ever be too safe. We need to keep our eyes and ears open for everything that may happen around us.
This phishing attack exploits a vulnerability in Google's infrastructure, as per the tweet from Nick, who received this email, allegedly from Google.
Nick is the lead developer of ENS and an Ethereum Foundation alum.
Nick noted that this appears as a valid, signed email, and that it really was sent from no-reply@google.com.
It passes the DKIM signature check, and Gmail displays it without any warnings - it even puts it in the same conversation as other, legitimate security alerts.
What is even more concerning is that the user is directed to a portal on sites.google.com, which will probably lead users to consider it legitimate.
The next step is that the user is asked to enter their Google credentials, and most probably, when they do, these are received by the scammers, who can then do anything they want with them.
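An added example, not taken from Nick's thread or from Google: a small Python triage check showing that a DKIM pass for google.com does not clear a message whose link lands on sites.google.com. The sample message, the receiver name mx.example.net and the `USER_CONTENT_HOSTS` list are constructed assumptions for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: hosts under a trusted parent domain where anyone can publish
# their own pages. sites.google.com is the one named in this post.
USER_CONTENT_HOSTS = {"sites.google.com"}
# Assumption: only Authentication-Results stamped by our own receiver count.
TRUSTED_AUTHSERV = "mx.example.net"

# Constructed sample message (not the real email from the thread).
SAMPLE = """\
From: Google <no-reply@google.com>
To: user@example.com
Subject: Security alert
Authentication-Results: mx.example.net; dkim=pass header.d=google.com
Content-Type: text/plain

Review the case and sign in here:
https://sites.google.com/constructed-example/support
"""

def triage(raw):
    msg = message_from_string(raw)
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    auth = msg.get("Authentication-Results", "")
    trusted = auth.strip().lower().startswith(TRUSTED_AUTHSERV + ";")
    m = re.search(r"\bdkim=pass\b.*?\bheader\.d=([\w.-]+)", auth, re.I | re.S)
    # DKIM "passes" here only if our receiver said so for the From: domain.
    dkim_aligned = trusted and bool(m) and m.group(1).lower() == sender_domain
    # Link destinations are checked independently of the DKIM result.
    urls = re.findall(r"https?://[^\s<>\"']+", msg.get_payload())
    hosts = {(urlparse(u).hostname or "").lower() for u in urls}
    flagged = sorted(h for h in hosts if h in USER_CONTENT_HOSTS)
    return {
        "sender_domain": sender_domain,
        "dkim_aligned": dkim_aligned,
        "user_content_links": flagged,
        "suspicious": bool(flagged),
    }

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The sample comes back with `dkim_aligned` true and `suspicious` true at the same time, which is exactly the combination described above.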
This is another very sophisticated scam and proves that we can never be too safe online.
You can read the thread here for more details, and if you need to remember one thing from today's post, it is that we are not safe.
When it comes to any online communication, we should consider it unsafe until proven otherwise (or unsafe, simple as that).
Did you receive anything similar?
I hope that this post will be useful!