Altcoins Talks - Cryptocurrency Forum
Further Discussions => Privacy Forum => Topic started by: Lucius on April 26, 2025, 05:45:32 PM
-
I read a few days ago that people are receiving phishing emails signed by Google, which is particularly worrying because they appear to be completely legitimate messages. I have also personally received several emails that look like standard "security notifications" about someone accessing my account from an unknown location - but looking at the address they were sent from, there is no doubt that they are phishing messages aimed at getting you to click on the link contained within them.
Everyone who uses Google email and their other services, be careful, these days you really can't tell if Google or someone with malicious intentions is sending you messages.
https://www.androidauthority.com/google-phishing-email-attack-authenticated-3544190/
-
I read a few days ago that people are receiving phishing emails signed by Google, which is particularly worrying because they appear to be completely legitimate messages. I have also personally received several emails that look like standard "security notifications" about someone accessing my account from an unknown location - but looking at the address they were sent from, there is no doubt that they are phishing messages aimed at getting you to click on the link contained within them.
I took a look at the article and I must say there is no way a normal person, forget normal person even a tech savvy person would think that the email is a phishing one at first glance! I mean there is no suspicious looking things like, random links, short links or "umlauts". This is just plain old mail from google! I don't understand why wouldn't google fix as serious as this! This type of phishing has the potential to scam millions!
-
@DYING_S0UL, this is an obvious example that shows that today everything is possible in the digital world, including finding security flaws even in such large companies as Google. The article says that a fix is being worked on, but not when it will be implemented.
It seems that it is not so simple, because the way hackers managed to do this is actually with the help of completely legitimate features provided by Google - which should either be disabled (which is unlikely), or implemented in another way.
-
@DYING_S0UL, this is an obvious example that shows that today everything is possible in the digital world, including finding security flaws even in such large companies as Google. The article says that a fix is being worked on, but not when it will be implemented.
It seems that it is not so simple, because the way hackers managed to do this is actually with the help of completely legitimate features provided by Google - which should either be disabled (which is unlikely), or implemented in another way.
But even so, cloning/impersonating (whatever that is) services like google to this level is a huge deal! We know scammers are always trying to exploit others but this method was totally unexpected and new. According to you the problem is being fixed (meaning it still hasn't been fixed), which is a little surprise to me that a big company like google would be a victim!
-
I receive the same email. It says update my back up email address but looking at my back up email its there and nothing was change.
Sign in to your Google Account [email protected]
Your Google Account has not been used within a 2-year period.
If you want to keep your Google Account, sign in to your Google Account before May 26, 2025.
To protect user privacy and account data, Google will delete Google Accounts that are not used. Learn more
I have been using my email for almost every month but I got this email which I'm sure this is really an attempt but it looks like the email comes from because it comes from Google <[email protected]>
-
@target, it's a good thing you didn't fall for the trick, and considering that you received that email, you can expect other similar ones in the future - whether it's warning you that someone from an unknown country has logged into your account, or they'll come up with something completely new with the goal of getting you to click on their link and enter your login details, which they then use to steal your account and all the other services associated with it.
Until the fix appears, stick to the following tips :
Beware of any email that urges immediate action and tells you you might face negative consequences. This is typically a sign that the email is malicious.
Check the "from" and " to" email addresses. If the " from" domain isn't the actual company or the "to" recipient is not you, the email is likely a scam.
Avoid clicking on links in the email. In the attack described by Johnson, the malicious site is hosted on a Google domain. However, Google would never send you a legal complaint and then direct you to the Google Sites domain. If you're in doubt, log into your Google account separately without clicking on any link and see if any messages or alerts are waiting for you.
Finally, run an online search for the content of the email. That can tell you if others have reported it as a scam or received a similar email.
-
Stealing Google accounts is much easier, lot of influencers like YouTubers lost their account because someone gained access to the Gmail used. And this is happening for years but Google is not doing anything better to stop these threats like improving their security protocols or possible ways to recover or lock if untrusted devices login.
-
Stealing Google accounts is much easier, lot of influencers like YouTubers lost their account because someone gained access to the Gmail used. And this is happening for years but Google is not doing anything better to stop these threats like improving their security protocols or possible ways to recover or lock if untrusted devices login.
Ha ha ha..this comment of yours reminded me of a meme related to google. When it comes to the original owner trying to login to their account google acts all mighty, powerful and security concern. But when a hacker hacks an account, google just pretends to see nothing. It is relatively easy for hackers to hack your Gmail with social engineering. I have seen countless users who lost the account to these hacks. And the worst part is Google's 2FA system that doesn't require any pin and the saved password feature. Imagine, you lost your gmail and along with all the important credentials!
https://www.facebook.com/share/v/168BKzHgHX/
-
Stealing Google accounts is much easier, lot of influencers like YouTubers lost their account because someone gained access to the Gmail used. And this is happening for years but Google is not doing anything better to stop these threats like improving their security protocols or possible ways to recover or lock if untrusted devices login.
Ha ha ha..this comment of yours reminded me of a meme related to google. When it comes to the original owner trying to login to their account google acts all mighty, powerful and security concern. But when a hacker hacks an account, google just pretends to see nothing. It is relatively easy for hackers to hack your Gmail with social engineering. I have seen countless users who lost the account to these hacks. And the worst part is Google's 2FA system that doesn't require any pin and the saved password feature. Imagine, you lost your gmail and along with all the important credentials!
https://www.facebook.com/share/v/168BKzHgHX/
Social engineering is the reason behind most hacks but there also some instances that the attackers launch much complicated like Cookie stealer that just steal the login cookie that is enough for the hacker to login, there's no need for username, password or even 2FA is not useful at that situation.
-
Looks like I'm also a victim of this attack. I don't receive e-mails from Google, though, but from Mozilla. I guess they can mimic various popular businesses to do this phishing trick. Luckily, I'm not falling for their scams even though my Gmail shows nothing is suspicious. If I don't need to have a Gmail account, I'd ditch them if something like this happens regularly.