Attention! Your Gmail account is at risk of phishing attack
NewsBytes April 23, 2025 12:39 AM


22 Apr 2025


Google has warned its three billion Gmail users of a sophisticated phishing scam that is fooling even the most tech-savvy people.

This comes after software developer Nick Johnson warned about the scam on social media after nearly falling for it himself.

According to him, the fake email looked like an official communication from Google and even passed the firm's DKIM (DomainKeys Identified Mail) check, so it was delivered to Gmail's inbox like any regular message.


The scam exploited a vulnerability in Google's infrastructure
Scam details


Johnson revealed the phishing attack exploited a vulnerability in Google's infrastructure.

The scam email, which looked like it was coming from a legitimate Google address, claimed Johnson's Google account had been subpoenaed.

The only clue that it was a phishing attempt was the domain the linked page was hosted on: sites.google.com, where anyone can publish a page, instead of accounts.google.com, the legitimate sign-in host.

Clicking the link led to a fake "support portal" mimicking real Google login pages, designed to trick users into revealing their credentials.


Google has blocked the loophole used in the scam
Safety measures


Addressing this threat, a Google spokesperson said they are aware of this kind of targeted attack and have taken steps to prevent further abuse.

The company has also issued new guidelines to keep users from falling for similar email traps.

"Google will not ask for any of your account credentials - including your password, one-time passwords, confirm push notifications, etc. - and Google will not call you," the spokesperson emphasized.


Phishing attempts are becoming increasingly difficult to detect
User vulnerability


Phishing attempts are getting harder to detect, with scammers using familiar-looking URLs and subtle domain name changes to fool users.

Johnson warned that many people may not even notice these slight tweaks, which could lead to major problems for their bank account or identity.

Those who rely only on passwords without two-factor authentication (2FA) or passkeys are especially vulnerable.
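The clue in this story (a page on sites.google.com rather than accounts.google.com) and the subtle domain tricks mentioned above can be checked mechanically before a link is clicked. The following is an added example in Python, not code from the article, Google or Johnson; the expected login host, the sample email body and the CASE-ID path in it are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption for this example: the only host that should ever ask for a
# Google password is accounts.google.com.
EXPECTED_LOGIN_HOST = "accounts.google.com"
GOOGLE_ZONE = "google.com"

URL_RE = re.compile(r"https?://[^\s<>\"']+")

def classify_link(url: str) -> str:
    """Classify a link found in an 'account issue' email.

    'expected'      - host is exactly accounts.google.com
    'google-hosted' - another *.google.com host such as sites.google.com,
                      which is user-publishable and never a sign-in page
    'lookalike'     - 'google.com' appears in the URL, but the real host is
                      something else (subdomain-prefix or user@host tricks)
    'other'         - unrelated host
    """
    # urlsplit().hostname discards userinfo, so
    # https://accounts.google.com@evil.example/ yields the true host.
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if host == EXPECTED_LOGIN_HOST:
        return "expected"
    if host == GOOGLE_ZONE or host.endswith("." + GOOGLE_ZONE):
        return "google-hosted"
    if GOOGLE_ZONE in url.lower():
        return "lookalike"
    return "other"

def suspicious_links(email_body: str) -> list[tuple[str, str]]:
    """Return (url, verdict) for every link that is not the expected login host."""
    urls = [u.rstrip(".,);") for u in URL_RE.findall(email_body)]
    return [(u, classify_link(u)) for u in urls if classify_link(u) != "expected"]

# Constructed sample email in the style the article describes.
SAMPLE_EMAIL = """\
Your Google account has been subpoenaed. Review the case at
https://sites.google.com/u/0/d/CASE-ID/support-portal before it is suspended.
Sign in: https://accounts.google.com/signin
"""

if __name__ == "__main__":
    for url, verdict in suspicious_links(SAMPLE_EMAIL):
        print(f"{verdict:14} {url}")
```

A plain substring match on "google.com" would have accepted every link in the sample; comparing the parsed hostname is what separates the sign-in page from a user-published one.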


Google urges users to be cautious
Guidance


Google has urged users to be cautious and think twice before clicking on links in emails about account issues.

"When we receive a request from a government agency, we send an email to the user account before disclosing information," Google's Privacy and Terms page reads.

The tech giant also said they will not provide notice when legally prohibited under the terms of the request but will do so once a legal prohibition is lifted.
