Slow Mist Cosine: Phishing gangs use Google subdomains to carry out a new round of phishing attacks, inducing users to disclose account passwords

Slow Mist founder Cosine posted on social media that the previous ENS chief developer was attacked by phishing, which exploited a vulnerability in Google's infrastructure. The phishing gang tricked users into being targeted by law enforcement by disguising Google's official phishing emails. Although Goolge escalated its confrontation. But today the phishing gang carried out a new round of phishing attacks, and will continue to lure users to the "google.com" subdomain, induce users to disclose account passwords, and immediately add Passkey. BlockBeats previously reported that on April 16, ENS chief developer nick.eth posted that it suffered an extremely complex phishing attack, which exploited a vulnerability in Google's infrastructure, but Google refused to fix the vulnerability. He showed that the attack email looked very real, could be verified by DKIM signature, was displayed normally by GMail, and was placed in the same conversation as other legitimate security warnings. The attacker took advantage of Google's "site" service to create a trusted "support portal" page, because users would see that the domain name contained "google.com" and mistakenly thought it was safe. Users need to be cautious.