See every side of every news story
Get Started
SubscribeLogin
Israel-Hamas Conflict
Pope Francis
Earth Day
Catholic Church
Vatican
IMF
Artificial Intelligence
Social Media
Education
Natural Disasters
Baseball
Tariffs
NFL
Published loading...Updated

Google's email spoofed by cunning phisherfolk

  • Attackers launched a DKIM replay phishing campaign by spoofing a Google security alert.
  • A weakness in Google's system allowed attackers to send a fake email that appeared legitimate.
  • The fraudulent email, appearing as no-reply@google.com, directed recipients to a fake support portal.
  • Nick Johnson noted the portal's URL as a hint: "sites.google.com" instead of "accounts.google.com."
  • Google recognized the OAuth issue and is working on a fix to prevent future attacks.
Insights by Ground AI
Does this summary seem wrong?

17 Articles

All
Left
Center
2
Right
The RegisterThe Register
Center

Google's email spoofed by cunning phisherfolk

Infosec In Brief: PLUS: Malware developers adopt Node.js; US disinformation warriors disbanded; Gig worker accounts for sale; and more

Read Full Article
BleepingComputerBleepingComputer
Reposted by
OODA LoopOODA Loop
Center

Phishers abuse Google OAuth to spoof Google in DKIM replay attack

In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from Google's systems, passing all verifications but pointing to a fraudulent page that collected logins.

Read Full Article
chip.dechip.de

Can deceive even experts: Especially perfidious Google trick appeared

Google users currently need to be particularly careful. Criminals have developed a new trick that can even fool trained eyes.

Read Full Article
FuturaFutura

Google leaves seven days for the victims of a new cyberattack...

A new phishing campaign has managed to circumvent Gmail's security, as messages appear to be official emails from Google. Victims can nevertheless regain control of their account if they act within seven days.

Read Full Article
golem.degolem.de

Golem.de: IT news for professionals

Attackers have spread phishing emails via a real Google sender address. Due to a trick, the fraud is difficult to detect. (Phishing, Google)

Read Full Article
IT Security News - cybersecurity, infosecurity newsIT Security News - cybersecurity, infosecurity news

Legacy Google Service Abused in Phishing Attacks

A sophisticated phishing campaign abuses weakness in Google Sites to spoof Google no-reply addresses and bypass protections. The post Legacy Google Service Abused in Phishing Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original… Read more → The post Legacy Google Service Abused in Phishing Attacks appeared first on IT Security News.

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center
Factuality

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

BleepingComputer broke the news in on Sunday, April 20, 2025.
Sources are mostly out of (0)

Similar News Topics

iPhone

iPhone

Infrastructure

Infrastructure

Google

Google

You have read out of your 5 free daily articles.

Join us as a member to unlock exclusive access to diverse content.

News
For You
SearchBlindspotLocal