Google Phishing Scam Alert: Urgent Subpoena Emails
Recently, attackers have been using a sophisticated phishing tactic to target individuals by sending emails that appear to be from “no-reply@google.com.” These emails are designed to look like urgent subpoena alerts related to “law enforcement” seeking information from the recipient’s Google Account. According to Bleeping Computer, the scam is utilizing Google’s “Sites” web-building app to create realistic-looking phishing websites and emails in an attempt to intimidate victims into providing their login credentials.
How Scammers Bypass Email Authentication
EasyDMARC, an email authentication company, explains that the phishing emails are able to bypass the DomainKeys Identified Mail (DKIM) authentication system, which would typically flag fake emails. This is because the emails are sent using Google’s own tool. The scammers input the entire email text as the name of their fake app, which is then automatically filled in when the email is sent from Google to the chosen address.
DKIM Relay Attack
When the email is forwarded from the scammer to a user’s Gmail inbox, it appears as a legitimate and valid email since DKIM only checks the message and headers. This tactic is similar to the recent phishing attacks targeting PayPal users. Additionally, the phishing email includes a link to a support portal on sites.google.com, attempting to deceive the recipient into thinking it is a genuine Google site.
Reporting the Scam
Nick Johnson, a developer at Etherem Name Service, also fell victim to the Google phishing scam. He reported the attackers’ misuse of Google OAuth applications as a security issue to Google. Initially, Google dismissed it as “working as intended,” but has since acknowledged the problem and is working on a solution.
Stay vigilant and cautious when receiving emails, especially those claiming to be urgent alerts from reputable companies like Google. Always verify the sender’s email address and be wary of any suspicious links or requests for personal information.
