Summary: A sophisticated phishing attack utilizing Google’s infrastructure has emerged, where threat actors send legitimate-looking emails to capture users’ credentials through fake Google Sites pages. These emails, appearing to originate from Google, successfully pass security checks and encourage victims to interact with fraudulent links. Google has acknowledged the issue and implemented measures to prevent further abuses as phishing tactics continue to evolve.
Affected: Google Users
Keypoints :
- The phishing emails are signed and appear to be from [email protected], bypassing detection systems.
- Victims are tricked into visiting a fraudulent Google Support page that mimics the real site, leading them to a credential harvesting login.
- Google is addressing the issue and emphasizes the importance of two-factor authentication for user protection.
Source: https://thehackernews.com/2025/04/phishers-exploit-google-sites-and-dkim.html