Slow Fog Cosine: Fishing gangs use Google subdomains to carry out a new round of phishing attacks,诱导用户泄露账户密码

2025-04-20 21:57:23

Collection

ChainCatcher news, Slow Mist founder Yu Xian stated on social media that the ENS chief developer was previously targeted by a phishing attack that exploited a vulnerability in Google's infrastructure. The phishing gang deceived users by disguising phishing emails as official Google communications, leading to users being targeted by law enforcement. Although Google has implemented countermeasures, today this phishing gang launched a new round of phishing attacks and will continue to lure users to a "google.com" subdomain, enticing users to disclose their account passwords and immediately add a Passkey.

ChainCatcher previously reported that ENS chief developer nick.eth mentioned on social media that he encountered an extremely sophisticated phishing attack that exploited a vulnerability in Google's infrastructure, but Google refused to fix the vulnerability.

He indicated that the attack emails appeared very authentic, could be verified through DKIM signatures, and were displayed normally in Gmail, alongside other legitimate security warnings. The attackers utilized Google's "Sites" service to create a trustworthy "support portal" page, as users would see "google.com" in the domain and mistakenly believe it was safe, so users need to remain vigilant.

(Source Link)

Related tags

Slow fog cosine fishing email Passkey

ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.