A fresh and extremely clever phishing fraud is taking advantage of Google’s infrastructure to send spoof subpoena notifications to Gmail users. The deceptive emails look as if they come from authentic Google accounts and are intended to deceive recipients into divulging sensitive personal data. The fraud has caused severe worry among IT security experts and has encouraged Google to alert its users.
Exploiting Google’s Infrastructure for Deception
The phishing attack uses the Google Sites platform to generate realistic-looking fake subpoena notices. Attackers design emails that appear to be sent from “no-reply@google.com,” complete with legitimate DomainKeys Identified Mail (DKIM) signatures, so they can evade spam filters and look legitimate in users’ mailboxes. Such messages inform recipients about an alleged legal subpoena regarding their Google account and encourage them to follow links given with the subjects “Upload additional documents” or “View case.” These links point users toward impostor websites placed on Google subdomains like sites.google.com that closely resemble genuine Google logins.
One of the targeted individuals was Nick Johnson, a developer linked to Ethereum Name Service (ENS). According to Johnson, the phishing message he received passed DKIM checks and was displayed alongside genuine security notifications in his Gmail inbox. Johnson noted that the only visible giveaway was the URL, which used sites.google.com instead of the usual accounts.google.com. Such a subtle difference is easily overlooked by users, which makes the scam highly dangerous.
Google’s Response and Users’ Recommendations
After the scam came to light, Google acknowledged the problem and reported that it has taken steps to prevent this kind of misuse of its infrastructure. The company states that it will never ask users for personal details, passwords, or verification codes through emails or phone calls. Google recommends that users enable two-factor authentication (2FA) or use passkeys to better secure their accounts. Passkeys, being bound to physical hardware, offer a more secure alternative to passwords and are less vulnerable to phishing attacks.
Users are advised to be cautious with emails purporting to be from Google, particularly those demanding urgent action or leading to unfamiliar websites. Whether such an email is genuine can be checked by examining the sender's address and scrutinizing the URLs of any embedded links. Users should always reach Google's official sites by typing the URL directly into the browser rather than following links found in the email. Suspicious emails should also be reported through Google's phishing reporting channels or passed to the relevant authorities to help curb such scams.
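The two checks the article recommends, looking at the sender and at where the links actually go, can be turned into a small triage routine. The following is an added example written for this article, not code from Google or from any tool the article mentions. It assumes a message is represented by three fields (sender, DKIM result, list of links); those field names and the sample messages are constructed for illustration. The point it demonstrates is the one Johnson described: a valid DKIM signature and a google.com sender say nothing about where the action links lead, so the decision must rest on the parsed hostname of each link.

```python
"""
Triage helper for "legal notice" style mail that claims to come from Google.
Added example for this article; not Google's own tooling. The message
records and field names (sender, dkim_pass, links) are assumptions
constructed for illustration.
"""
from urllib.parse import urlparse

# Host where a genuine Google sign-in takes place (named in the article).
EXPECTED_LOGIN_HOSTS = {"accounts.google.com"}
# Google-owned host that serves pages authored by arbitrary users.
USER_CONTENT_HOSTS = {"sites.google.com"}


def classify_link(url: str) -> str:
    """Classify a link by its parsed hostname, never by the raw URL text.

    Parsing with urlparse means tricks such as a google.com label followed
    by a different registered domain, or "accounts.google.com@evil" userinfo,
    resolve to the host that would actually be contacted.
    """
    host = (urlparse(url).hostname or "").lower().rstrip(".")
    if host in EXPECTED_LOGIN_HOSTS:
        return "expected-login"
    if host in USER_CONTENT_HOSTS:
        return "user-hosted-google-content"
    if host == "google.com" or host.endswith(".google.com"):
        return "other-google-host"
    return "non-google"


def assess_message(sender: str, dkim_pass: bool, links: list[str]) -> dict:
    """Return a verdict plus the reasons behind it, for a human to review."""
    reasons = []
    classes = {link: classify_link(link) for link in links}
    if any(c == "user-hosted-google-content" for c in classes.values()):
        reasons.append(
            "action link points at user-hosted Google content, not the sign-in host"
        )
    if any(c == "non-google" for c in classes.values()):
        reasons.append("action link leaves Google-owned hosts entirely")
    claims_google = sender.lower().endswith("@google.com")
    if claims_google and dkim_pass and reasons:
        # The combination the article describes: authentic-looking envelope,
        # links that still point somewhere a real notice would never send you.
        reasons.append(
            "DKIM pass and google.com sender do not vouch for the link targets"
        )
    verdict = "suspicious" if reasons else "no-link-finding"
    return {"verdict": verdict, "links": classes, "reasons": reasons}


# Constructed sample messages (not real mail).
SAMPLE_MESSAGES = [
    {
        "sender": "no-reply@google.com",
        "dkim_pass": True,
        "links": ["https://sites.google.com/view/case-00000/upload"],
    },
    {
        "sender": "no-reply@google.com",
        "dkim_pass": True,
        "links": ["https://accounts.google.com/signin"],
    },
]

if __name__ == "__main__":
    for msg in SAMPLE_MESSAGES:
        result = assess_message(msg["sender"], msg["dkim_pass"], msg["links"])
        print(result["verdict"])
        for reason in result["reasons"]:
            print("  -", reason)
```

The routine deliberately does not treat a passing DKIM check or a google.com sender as a reason to trust the mail; those only raise the weight of a link finding, which mirrors why the messages in this campaign got past users who looked at the sender alone.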