BlockBeats News, April 20th - SlowMist founder Cosmos posted on social media that earlier, the ENS chief developer fell victim to a phishing attack that exploited a vulnerability in Google's infrastructure. The phishing group sent out a phishing email disguised as an official Google communication, tricking users into believing they were under investigation. While Google has taken countermeasures, today the phishing group launched a new round of phishing attacks and will continue to lure users to a subdomain of "google.com," prompting them to disclose their account passwords and immediately add a Passkey.
BlockBeats previously reported that on April 16th, ENS chief developer nick.eth stated that he experienced a highly sophisticated phishing attack that exploited a vulnerability in Google's infrastructure, which Google refused to fix. He indicated that the attack email looked very authentic, could pass DKIM signature verification, and was displayed normally in Gmail, alongside other legitimate security alerts in the same thread. The attackers used Google's "sites" service to create a trusted "support portal" page, as users would see the domain name containing "google.com" and mistake it for being secure. Users should remain vigilant.
Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.