Not every account security email you receive is legitimate. And if you see an email from Google in your Gmail inbox, think twice. There's a new Gmail scam going around — and it looks like it's coming straight from Google.
Your Next Google Security Email Could Be a Scam
The campaign was discovered after developer Nick Johnson received a complex phishing email that appeared to come from Google. In a thread on X, Johnson explained that the email was sent from [email protected] and that it passed Google's DKIM signature check, meaning it was signed by accounts.google.com.
Because the email was signed from a legitimate Google website, Gmail did not raise any warnings. It stated that a subpoena had been sent to Google LLC asking the company to provide a copy of the recipient's Google account contents.
The email contains a sites.google.com link to a fake support page. This fake page displays the status of a forensic investigation report with a document review attached and two buttons to upload additional documents or view the case. Clicking any of these buttons takes you to another fake login page also hosted on sites.google.com.
Johnson doesn’t take it any further, but it’s safe to assume that the fake login page is there to collect your Google account credentials before redirecting you to a real Google page or page to avoid detection. Since you’re already logged in to check your Gmail and therefore see the notification, most Google pages will automatically open even if you enter your password, creating the illusion of a real login.
While the fake login page is an exact copy of the real Google page, you can easily tell the difference between the two if you look at the URL of the page. Legitimate Google login pages are hosted on accounts.google.com instead of sites.google.com. There are also two main red flags in the phishing email.
First, the email header shows that while the email is signed by accounts.google.com, it originated from a privateemail.com address and was sent to "[email protected]" . The second clue lies at the bottom of the email, where there is a lot of white space followed by text that says "Google Legal Support has been granted access to your Google account" , followed by the email address mentioned above.
Google domains become scam playgrounds
Given that the phishing email appears to originate from a legitimate Google site, the average Gmail user would think nothing of following the instructions provided in the email. Additionally, since the fake pages are hosted on sites.google.com , people will see the legitimate google.com domain and assume the page is real.
Google Sites is a legitimate service from Google that allows you to quickly create your own website and host it on a Google domain. While it is a handy tool, it allows users to run external scripts and embeds of their choice, which is a major security risk.
Using this service also makes it incredibly easy to create phishing pages. Even if a page is taken down by Google’s anti-abuse team, scammers can quickly put up another one in a short period of time. Email, however, is a bigger security concern for Google.
Johnson reported the email bug to Google, but the company closed the issue, stating that the feature worked as expected and adding that it did not consider it a security issue. This means we could see similar campaigns in the future. Keeping malicious emails out is one of the reasons people are abandoning Gmail for a more security-focused alternative.
Until Google gets things right, make sure you keep an eye on such emails. If in doubt, check the subject line and body of the email for any strange email addresses or unusual text that wouldn’t appear in an official email.
For a long time, with the development and popularity of social networking platforms, the "blue tick" has gradually become one of the most powerful characters in the internet world.
Google's Chromecast line has long been a popular choice if you want to replace your smart TV experience or turn any TV into a smart TV.
Google is adding a small but long-awaited new feature to the Play Store.
After years of neglect, Google has finally decided to refocus its investment on extended reality (XR) devices like headsets and glasses.
While not as widely discussed as some of its competitors, Google's Gemini AI has a lot going for it — and here are five reasons why Gemini deserves your attention.
There are many Android manufacturers, but not all of them pay attention to software updates. Although the situation has improved over the past decade, not all smartphone manufacturers provide great software support.
Recently, some users noticed that Google Gemini has been giving repetitive text, weird characters, and complete nonsense in some responses.
The Google app for iPhone is about to become a little less useful as Google recently removed access to Gemini AI from that app.
Losing access to your Google account can have serious consequences beyond not being able to send and receive email.
Google has just announced that users can now create videos using artificial intelligence through its Gemini chatbot and the recently launched experimental tool Whisk.
Whether you're taking your first steps into the workforce or transitioning to a new industry, Google's experimental Career Dreamer is designed to connect you with compatible roles.
Last year, Google introduced an AI-powered shopping assistant in Search that allows users to get a visual idea of how a piece of clothing would look on a specific body type.
Google has been increasingly showing interest in the field of artificial intelligence applications in medicine.
After a few days of confusion, Google has officially confirmed the issue with both the second-generation Chromecast and Chromecast Audio.
On Monday, internal documents describing the factors Google Search considers when ranking and displaying web results were leaked.
Master how to download Microsoft Teams chat history and transcripts effortlessly. Step-by-step guide with proven methods for chats, meetings, and admin exports—no tech skills needed!
Tired of silent Microsoft Teams ringtone not working? Follow our expert, step-by-step guide with quick fixes and advanced troubleshooting to get notifications ringing again. No tech skills needed!
Stuck with Microsoft Teams login error on Chromebook? Our ultimate troubleshooting guide delivers quick, reliable fixes for cache issues, updates, and more. Resolve it in minutes and stay connected!
Tired of Microsoft Teams Desktop Error crashing on startup? Follow our proven, step-by-step fixes to resolve Teams startup crash instantly. Works on latest versions!
Frustrated because Breakout Rooms are missing in your Teams meeting? Uncover the top reasons why you can't see Breakout Rooms in Teams and follow our step-by-step fixes to get them working smoothly in minutes. Perfect for organizers and participants alike!
Tired of the frustrating Microsoft Teams "Cho Mac" error crashing your Mac OS workflow? Follow our proven, step-by-step fixes to solve Microsoft Teams "Cho Mac" Error (Mac OS) quickly and restore seamless team collaboration. Updated with latest patches.
Stuck with Microsoft Teams "Guest" access error? Follow our expert, step-by-step troubleshooting guide to resolve guest invite failures, permission issues, and more. Get guests collaborating in Teams today!
Unlock seamless collaboration with this ultimate step-by-step guide on how to make breakout rooms before a meeting starts in Zoom. Pre-assign participants effortlessly for maximum engagement. Perfect for educators, teams, and leaders.
Is Microsoft Teams down in 2026? Discover proven steps to fix "Down" server status, troubleshoot outages, and get back to seamless collaboration fast. Quick fixes inside!
Struggling with Microsoft Teams "Error H" during updates? Discover step-by-step troubleshooting for Microsoft Teams "Error H" updates, common causes, and quick fixes to restore seamless collaboration. Updated with the latest solutions.
Tired of the frustrating Microsoft Teams "Unexpected Error" blocking your mobile login? Follow our expert, step-by-step guide with the latest fixes for Android and iOS to regain seamless access fast—no tech skills needed!
Tired of Microsoft Teams "Unexpected Error" crashing your startup? Follow our step-by-step guide with the latest fixes for Solving Microsoft Teams "Unexpected Error" Startup. Get back to productive meetings in minutes!
Frustrated by Microsoft Teams "For Linux" installation error? Discover proven, step-by-step solutions for Ubuntu, Debian, Fedora & more. Fix it fast and get seamless collaboration now!
Struggling with Microsoft Teams "Password Error" because you forgot your password? Follow our step-by-step guide on how to fix Microsoft Teams password error forgot issues quickly and securely. No tech skills needed!
Struggling with Microsoft Teams "Image Error" in chat? Discover proven step-by-step troubleshooting tips to resolve image display issues fast. No more frustration—get your chats working smoothly today!
