Summary: Google issues urgent warning to Gmail users about phishing attacks from verified emails. Hackers use trusted-looking messages to steal data. These emails pass security checks and lead to fake login pages. Google is fixing the issue. Till then, users must stay alert, avoid suspicious links, and enable 2FA and passkeys.
Google has officially warned Gmail users about phishing attacks from verified emails. It uses official-looking messages to fool people. Such emails may look real but are very dangerous and can lead to scams. Google has confirmed the issue as well as is fixing it soon. Users must stay alert and follow safety steps immediately to protect themselves online.
Also Read: How to Find and Cancel iPhone, Mac or Android App Subscription
Scam Uses Verified Emails to Fool Gmail Users
A serious phishing scam is now targeting Gmail users. Attackers are sending emails from “no-reply@google.com.” These emails claim a legal notice was sent. They say a subpoena was issued for account data.
The message includes a link that looks real. It looks like a link to Google’s support page, but it actually redirects you to a fraudulent website. This phishing site is hosted on sites.google.com.
The page copies Google’s sign-in screen very closely. It tells users to log in and view details. When users enter their login information, it gets stolen. Hackers then get full access to Gmail accounts.
This fake email passes Google’s security checks easily. It uses DomainKeys Identified Mail, also called DKIM. This makes the email look verified and trusted. It may look like real alerts and that’s what makes it more believable.
Also Read: How to Clear iPhone System Data in 2025
How the Attack Works Behind the Scenes
The phishing campaign uses smart methods to look real. DKIM checks confirm the message came from a trusted domain. The scam also uses OAuth tricks to seem official.
Even experienced users are falling for this scam. A developer, Nick Johnson, shared his story online. He got an email that looked very real. It had a fake link and copied Google’s design.
The phishing site asks users to protest the subpoena. But instead, it steals their login details silently. Once entered, attackers get full account access. This includes emails, personal data, and sensitive documents.
The scam proves even verified emails can be fake. That’s why users must be extra careful now.
Also Read: Samsung One UI 7 Comes Live for Samsung Galaxy S24 Series
What Google and Users Must Do Now
Google has confirmed this attack and its details. The company said a fix is being prepared. They are rolling out new protections very soon. Google expects the solution to be fully live soon.
Till then, users must protect themselves carefully. Google has shared safety steps for all users.
Also Read: Google Launched ‘Identity Check’ Feature to Protect Privacy: Here’s How to Enable it!
Follow these steps to stay safe from the scam:
- Never click links in suspicious-looking emails.
- Visit Google directly using your browser.
- Check email senders before taking any action.
- Turn on two-factor authentication (2FA) immediately.
- Use passkeys for safer and easier sign-ins.
- Avoid responding to sudden or urgent messages.
- Don’t trust links in email threads blindly.
These steps help protect your account from hackers. Always be alert and double-check everything.
Written by: Shiny
Publishing Date & Time: Apr 20, 2025 at 18:10
Sources: Indiatvnews, Moneycontrol
