- By Prateek Levi
- Tue, 22 Apr 2025 11:53 AM (IST)
- Source: JND
Scammers these days have become much smarter and more innovative at exploiting your information and money. They have devised numerous sophisticated ways to get their hands on your savings, and they have found ways to make their phishing and scamming techniques look almost legitimate.
You must have, at some time in your life, received an email from "no-reply@google.com" and assumed it was from Google. Well, no surprise here: it might not be from Google and could be a phishing email. There is a new scam in circulation in which scammers send out phishing emails that appear to come from that very address and look very legitimate at first glance.
How Does It Work?
As per a report from Bleeping Computer, the email carries an urgent summons from a "law enforcement" agency asking for information about the recipient. So what are these scammers using that makes their email look so legitimate? The outlet highlighted that Google's "sites.google.com", a free web-building platform, is being used by phishing scammers to create a legitimate-looking website and email that scares the target into giving up their real personal information.
Why Is Google Failing To Recognise It?
This is a fair question that comes to everyone's mind: why is Google failing to flag this? EasyDMARC, an email authentication company, has some answers. The phishing email used by the scammers is generated with Google's own tooling, so it gets past DomainKeys Identified Mail (DKIM) authentication with ease. Usually, fake emails flagged by DKIM end up in your spam folder. The scammers start by using the full text of their phishing message as the name of a fake OAuth app, i.e., they give the fake app a name that is the entire text of the email. That text is then automatically inserted into a genuine notification email that Google sends to an address they control.
Interestingly, when the scammer forwards this phishing email to someone's Gmail inbox, it still appears signed and legitimate. That is because DKIM only verifies the message body and the signed headers, and neither has been altered. To complete the scam, the email links to a convincing support portal hosted on "sites.google.com" instead of the official "accounts.google.com". For someone who is not very tech-savvy, this setup is easy to fall for.
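A defender-side triage check for the pattern described above, added here as an example and not part of the original report or of any Google or EasyDMARC tooling. It parses a constructed sample message (the relay.example bounce address, the placeholder DKIM-Signature and the sites.google.com path are all made up) and reports why the message passes DKIM alignment alongside the replay indicators a mail filter can still act on.

```python
import re
from email import message_from_string
from urllib.parse import urlparse

# Constructed sample modelled on the replayed Google alert described above;
# the DKIM-Signature is a placeholder, not a real signature.
SAMPLE_EMAIL = """\
Return-Path: <bounce@relay.example>
DKIM-Signature: v=1; a=rsa-sha256; d=google.com; s=placeholder; h=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER
From: Google <no-reply@google.com>
To: target@victim.example
Subject: Security alert
Content-Type: text/plain

A law enforcement agency has requested a copy of your account data.
Review the case at https://sites.google.com/view/support-portal-placeholder
"""

OFFICIAL_HOSTS = {"accounts.google.com", "myaccount.google.com"}

def parse_dkim_tags(header):
    """Turn 'v=1; d=google.com; ...' into a dict; partition keeps '=' padding in b= values."""
    tags = {}
    for part in header.split(";"):
        key, sep, value = part.strip().partition("=")
        if sep:
            tags[key.strip()] = value.strip()
    return tags

def domain_of(address):
    # Domain from "Name <user@domain>" or "user@domain"; empty string if absent.
    match = re.search(r"@([\w.-]+)", address or "")
    return match.group(1).lower() if match else ""

def triage_google_alert(raw):
    """Report DKIM alignment (why filters accept it) plus forwarding and off-path link indicators."""
    msg = message_from_string(raw)
    dkim = parse_dkim_tags(msg.get("DKIM-Signature", ""))
    signing, from_dom = dkim.get("d", "").lower(), domain_of(msg.get("From"))
    bounce_dom = domain_of(msg.get("Return-Path"))
    links = re.findall(r'https?://[^\s<>"]+', msg.get_payload())
    off_path = [u for u in links if urlparse(u).hostname not in OFFICIAL_HOSTS]
    findings = {
        "dkim_aligned": bool(signing) and signing == from_dom,  # signature domain matches From
        "bounce_mismatch": bool(bounce_dom) and bounce_dom != signing,  # bounce path is not the signer
        "off_path_links": off_path,  # sites.google.com instead of accounts.google.com
    }
    findings["verdict"] = "suspicious" if findings["bounce_mismatch"] or off_path else "no replay indicators"
    return findings
```

The bounce-path and link checks are heuristics for analyst review, not a replacement for full DKIM and DMARC verification.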
A similar case surfaced when Nick Johnson, lead developer of the Ethereum Name Service (ENS), received such an email but was vigilant enough to realise that something was wrong. He reported it to Google, saying that scammers were exploiting Google OAuth apps.
The tech giant initially said that everything was under control, but it later acknowledged the threat to its users and is reportedly working on fixing the OAuth vulnerability. All said, scammers have become more sophisticated and will keep inventing new ways to get their hands on your personal information, so it is essential to remain vigilant and aware.