Not every account security email you receive is legitimate. And if you see an email from Google in your Gmail inbox, think twice. There's a new Gmail scam going around — and it looks like it's coming straight from Google.
Your Next Google Security Email Could Be a Scam
The campaign was discovered after developer Nick Johnson received a complex phishing email that appeared to come from Google. In a thread on X, Johnson explained that the email was sent from no-reply@accounts.google.com and that it passed Google's DKIM signature check, meaning it was signed by accounts.google.com.
Because the email was signed from a legitimate Google website, Gmail did not raise any warnings. It stated that a subpoena had been sent to Google LLC asking the company to provide a copy of the recipient's Google account contents.
The email contains a sites.google.com link to a fake support page. This fake page displays the status of a forensic investigation report with a document review attached and two buttons to upload additional documents or view the case. Clicking any of these buttons takes you to another fake login page also hosted on sites.google.com.
Johnson doesn’t take it any further, but it’s safe to assume that the fake login page is there to collect your Google account credentials before redirecting you to a real Google page or page to avoid detection. Since you’re already logged in to check your Gmail and therefore see the notification, most Google pages will automatically open even if you enter your password, creating the illusion of a real login.
While the fake login page is an exact copy of the real Google page, you can easily tell the difference between the two if you look at the URL of the page. Legitimate Google login pages are hosted on accounts.google.com instead of sites.google.com. There are also two main red flags in the phishing email.
First, the email header shows that while the email is signed by accounts.google.com, it originated from a privateemail.com address and was sent to "me@googl-mail-smtp-out-192-168-142-125-38-prod.net" . The second clue lies at the bottom of the email, where there is a lot of white space followed by text that says "Google Legal Support has been granted access to your Google account" , followed by the email address mentioned above.
Google domains become scam playgrounds
Given that the phishing email appears to originate from a legitimate Google site, the average Gmail user would think nothing of following the instructions provided in the email. Additionally, since the fake pages are hosted on sites.google.com , people will see the legitimate google.com domain and assume the page is real.
Google Sites is a legitimate service from Google that allows you to quickly create your own website and host it on a Google domain. While it is a handy tool, it allows users to run external scripts and embeds of their choice, which is a major security risk.
Using this service also makes it incredibly easy to create phishing pages. Even if a page is taken down by Google’s anti-abuse team, scammers can quickly put up another one in a short period of time. Email, however, is a bigger security concern for Google.
Johnson reported the email bug to Google, but the company closed the issue, stating that the feature worked as expected and adding that it did not consider it a security issue. This means we could see similar campaigns in the future. Keeping malicious emails out is one of the reasons people are abandoning Gmail for a more security-focused alternative.
Until Google gets things right, make sure you keep an eye on such emails. If in doubt, check the subject line and body of the email for any strange email addresses or unusual text that wouldn’t appear in an official email.
Long-distance travel can involve heavy traffic, changing weather conditions, and rider fatigue. If you are also dealing with the responsibilities of moving home, such as packing belongings or coordinating accommodation, a long ride may add unnecessary pressure to an already busy schedule.
Tired of Microsoft Teams shortcut error preventing you from opening the app? Follow our expert, step-by-step guide with the latest fixes for instant resolution. Works on Windows, Mac & web – no tech skills needed!
Tired of Microsoft Teams Task Management Sync Error halting your workflow? Follow our proven, step-by-step fixes to resolve sync issues fast and restore seamless task collaboration. No tech expertise needed!
Struggling with Microsoft Teams Wiki Error Formatting? This step-by-step guide reveals proven fixes for common wiki tab issues, ensuring smooth editing and collaboration in Teams. Get back to productive wikis fast!
Struggling with Microsoft Teams installation error on Linux? Discover step-by-step fixes for Ubuntu, Fedora & more. Resolve dependency issues, crashes, and errors quickly with our ultimate guide. Get Teams running smoothly today!
Struggling with Microsoft Teams "Error Page" not loading? Get step-by-step fixes for desktop, web, and mobile. Solve Microsoft Teams Error Page issues quickly and resume seamless teamwork today.
Tired of Microsoft Teams "Error Screenshot" blocking your workflow? Get proven, step-by-step solutions to resolve screenshot errors in Teams instantly and boost productivity. No tech skills needed!
Tired of Microsoft Teams "Error U" User blocking your chats? Get proven, step-by-step fixes to clear cache, reset, and restore seamless collaboration instantly.
Unlock the precise locations of Microsoft Teams registry keys on Windows 11. Step-by-step guide to find, access, and safely tweak them for optimal performance and troubleshooting. Essential for IT pros and Teams enthusiasts.
Tired of Microsoft Teams "Training Error" Video Lag ruining your meetings? Follow our step-by-step guide with the latest fixes for smooth video calls—no more frustration!
