A new phishing email attack has been making headlines: it claims suspicious account activity in order to steal users’ details. What’s more surprising is that the scam uses Google branding to appear legitimate.
Summary:
1. Fake emails alert users to suspicious account activity.
2. Scammers use the Google logo to steal login information.
3. Google is allegedly correcting the glitch.
The fraud was first spotted and reported by X user Nick Johnson. “Recently I was targeted by an extremely sophisticated phishing attack, and I want to highlight it here. It exploits a vulnerability in Google’s infrastructure,” he said in a post.
To understand this scam, let’s first look at what a phishing attack is.
A phishing attack is a cybercrime in which hackers pose as a legitimate entity to trick individuals into revealing details such as credit card information. They reach users via email, text, or phone call, warn them about some severe account-related issue, and get them to click malicious or spam links.
Users who spotted the scam have pointed out some fine details that help identify it. They described how the scammers use Google branding to appear legitimate and a thoroughly professional tone to make the message convincing at first glance.
The phishing email includes the company’s branding, the correct logo, and language that appears professional. “The first thing to note is that this is a legitimate, signed email sent from no-reply@google.com. It passes the DKIM signature check, and Gmail displays it without warning – it even appears in the same chat as other valid security alerts,” Johnson said in a blog post. But make no mistake: this is a phishing attack intended to steal your personal information.
In this scam, the email states that your Gmail account is being reviewed and includes a link labelled “Review Activity”. It also sets a 24-hour limit to create urgency. Beware and don’t fall for this trap.
As soon as you tap the link in this email, you will lose all your info to the scammers. The email is meant to make you believe it was sent by Google, but it is a malicious scam to steal your information.
Since this email scam is already making headlines, people have become curious about what a phishing attack is and how to protect themselves from it.
Johnson confirmed that Google has noted the problem and will solve it. “Google has reconsidered and will be fixing the OAuth bug!”
Based on the reports, this phishing email is also dangerous because it looks so professional. At a quick glance, the sender’s name is displayed as “Google” to make you believe it comes from a legitimate email address. But if you look closely, the address doesn’t belong to the authentic Google domain; rather, it shows some random letters, a common red flag for identifying a malicious message.
The purpose of such phishing emails is undoubtedly to fool consumers into providing their Gmail login information on a bogus website that seems identical to the real thing. Once scammers have your credentials, they can access your emails, steal personal information, and even use your account to send other phishing emails to your contacts.
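The red flags described above (a “Google” display name on a non-Google address, a DKIM pass that says nothing about intent, a “Review Activity” link to a look-alike site, and a 24-hour deadline) can be checked mechanically. The following is an added example, not code from Johnson or Google; the sample message, the brand map, and the trusted-host list are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumptions for illustration: brand-to-domain map and trusted link hosts.
BRAND_DOMAINS = {"google": ("google.com",)}
TRUSTED_LINK_HOSTS = {"accounts.google.com", "myaccount.google.com"}

# Constructed sample message (not a captured email).
SAMPLE = """\
From: Google <no-reply@xk3q9-alerts.example>
To: user@example.org
Subject: Your Gmail account is being reviewed
Authentication-Results: mx.example.org; dkim=pass header.d=xk3q9-alerts.example
Content-Type: text/html

<p>Your Gmail account is being reviewed. You have 24 hours.</p>
<a href="https://login-review.example/activity">Review Activity</a>
"""

def triage(raw):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    findings = []
    # 1. Display name claims a brand the address domain does not belong to.
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    for brand, domains in BRAND_DOMAINS.items():
        owned = any(domain == d or domain.endswith("." + d) for d in domains)
        if brand in name.lower() and not owned:
            findings.append(f"display name claims {brand} but address domain is {domain}")
    # 2. A DKIM pass authenticates the signing domain only; record it as context.
    if "dkim=pass" in msg.get("Authentication-Results", "").lower():
        findings.append("dkim=pass: signing domain verified, content still untrusted")
    # 3. Links whose host is not on the trusted list.
    body = msg.get_payload()
    for url in re.findall(r'href="([^"]+)"', body, flags=re.I):
        host = (urlparse(url).hostname or "").lower()
        if host not in TRUSTED_LINK_HOSTS:
            findings.append(f"link points to untrusted host {host}")
    # 4. Deadline wording used to create urgency.
    if re.search(r"\b\d+\s*hours?\b", body, flags=re.I):
        findings.append("deadline wording used to create urgency")
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print("-", finding)
```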
So beware of this scam and think twice before responding to any suspicious mail, as a single click might land your details in the scammers’ hands. Google has acknowledged the concern and is looking into it to take severe action and fix the issue as soon as possible. In the meantime, users are advised to stay vigilant and not fall into the trap of such a phishing attack.