Bitcoin Forum
May 19, 2026, 10:07:18 PM *
Author Topic: Be Aware, New phishing technique abusing legitimate Google email notifications  (Read 43 times)
Dictator69 (OP)
Today at 02:10:54 PM
 #1

Hi everyone!

I was reading news and this one specific report got my attention. It is related to a security flaw which is not basically hacking, but more like feature abuse of Google.

Casa co-founder Jameson Lopp warned us about a new phishing technique that these scammers are using. They are using legitimate Google infrastructure like Workspace or developer tools to input frantic scam messages directly into the "Name" or "Organization" field and then they enter thousands of spaces which hide the disclaimer by Google that says "If you didn't request this, ignore it." So when someone receives a recovery email notification in their email they would not read the last disclaimer because scammers put thousands of spaces to hide it.

These emails won't go into our spam folder because they are triggered by Google itself, and they pass all security checks like SPF, DKIM, and DMARC and land straight in your Primary Inbox, not in the spam folder.

Thousands of spaces will push the legitimate system footer down, and you will only see the scammer's scary message on the top. You would see the email which is the official Google email and you could think it is real but before clicking anything verify directly from your Google account security feature as they have said it themselves.

Stay safe, check your settings manually, and never rush into clicking links out of panic! Although chances are high that by now they might have solved the issue but even if you have received such emails manipulated by scammers, don't do anything and confirm from your security activity log on Google's main security page.
 

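A defender-side check for the padding trick described in the post above, as an added example that is not part of the original thread: it parses a message, finds long runs of blank characters that sit between the visible text and later text, and records that SPF, DKIM and DMARC all passed anyway. The 200-character threshold, the `accounts.example` domain and the sample message are assumptions constructed for illustration.

```python
import email
import html
import re
from email import policy

# Blank-rendering characters: whitespace (incl. NBSP) plus zero-width code points.
PAD_RUN = re.compile("[\\s\u200b\u200c\u200d\u2060\ufeff]{200,}")  # 200 is an assumed threshold
BREAKS = re.compile(r"<br\s*/?>|</p>|</div>", re.I)

def visible_text(msg):
    """Approximate the text a mail client would render for the message body."""
    part = msg.get_body(preferencelist=("html", "plain"))
    if part is None:
        return ""
    text = part.get_content()
    if part.get_content_type() == "text/html":
        text = BREAKS.sub("\n", text)         # block breaks become newlines
        text = re.sub(r"<[^>]+>", "", text)   # drop remaining tags
        text = html.unescape(text)            # &nbsp; becomes U+00A0
    return text

def find_padding(raw_bytes):
    """Return blank runs that sit between visible text and later text."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    auth = str(msg.get("Authentication-Results", "")).lower()
    text = visible_text(msg)
    findings = []
    for m in PAD_RUN.finditer(text):
        if m.start() > 0 and m.end() < len(text):  # text on both sides of the gap
            findings.append({
                "pad_len": m.end() - m.start(),
                "shown_before": text[:m.start()][-60:].strip(),
                "pushed_down": text[m.end():][:80].strip(),
                "auth_passed": all(f"{k}=pass" in auth for k in ("spf", "dkim", "dmarc")),
            })
    return findings

# Constructed sample: placeholder domain, invented field text, 1500 "&nbsp; " pairs.
SAMPLE = (
    "From: no-reply@accounts.example\r\n"
    "Authentication-Results: mx.example; spf=pass; dkim=pass; dmarc=pass\r\n"
    "Content-Type: text/html; charset=utf-8\r\n\r\n"
    "<p>Organization: URGENT account locked, call support now"
    + "&nbsp; " * 1500
    + "</p><p>If you didn't request this, ignore it.</p>\r\n"
).encode()

if __name__ == "__main__":
    print(find_padding(SAMPLE))
```

A finding with `auth_passed` set to true is the case the post warns about: the sender checks succeed, so the padding itself is the signal worth alerting on.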
hd49728
Today at 02:25:26 PM
 #2

Stay safe, check your settings manually, and never rush into clicking links out of panic! Although chances are high that by now they might have solved the issue but even if you have received such emails manipulated by scammers, don't do anything and confirm from your security activity log on Google's main security page.
There is no need to hurry to change anything; there is a mandatory step to check your account security and activity log before doing anything later. If there is nothing strange in your account log or security log, you can feel that your account is safe. Then you can check by searching for whether there is any scam wave aimed at Google and Gmail accounts, and likely you will find something.

Above all these things, with any accounts, not only Gmail accounts, you must use strong passwords and turn on 2FA.
[GUIDE] How to create a strong password.

Preventing an account hack by having a strong password and active 2FA is better than being fearful of an account hack while not setting up security things properly.

Chinesebaby
Today at 06:01:05 PM
 #3

Hi everyone!

I was reading news and this one specific report got my attention. It is related to a security flaw which is not basically hacking, but more like feature abuse of Google.

Casa co-founder Jameson Lopp warned us about a new phishing technique that these scammers are using. They are using legitimate Google infrastructure like Workspace or developer tools to input frantic scam messages directly into the "Name" or "Organization" field and then they enter thousands of spaces which hide the disclaimer by Google that says "If you didn't request this, ignore it." So when someone receives a recovery email notification in their email they would not read the last disclaimer because scammers put thousands of spaces to hide it.

I have seen many times the image on the left you just shared above on my Google mail inbox, but never knew it was fake and didn't come from Google entirely, since everything looks real and authentic, displaying Google features. But what I usually do is ignore it, since I never initiated any action to add a recovery mail on my account, and when I see it, I'm sometimes always confused. So I'm happy and want to thank you O.P for sharing this wonderful piece of information to us regarding our Gmail security.

snowpega
Today at 06:27:47 PM
 #4

Thank you, OP, for bringing this to our attention. I literally receive a lot of promotional emails on a daily basis. But I never open them or click them. I am already aware of how risky it can be to click an unknown link, more especially if you are a crypto space user. So, we have to be extra attentive in such cases. As a single mistake can lead to worst-case scenarios, where we can lose our assets. Abide by this, I have been facing attacks back in the days, and I still don't know the reason for that.

But on ALTT, a user suggested to me I should not use an unpaid VPN as it can also bring trojan attacks to the device.
After he gave me this advice, I bought a paid one for my use. Now you may be wondering why I use VPN, haha. Actually, in my country, Telegram is banned, so I have to use a proxy to access the Telegram app, and as a user of this forum, you also know the importance of the Telegram app.
