• About
  • FAQ
  • Contact Us
Newsletter
Crypto News
Advertisement
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
  • News
  • Market
  • Analysis
  • DeFi & NFTs
  • Guides
  • Tools
  • Flash
  • Insights
  • Subscribe
No Result
View All Result
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
  • News
  • Market
  • Analysis
  • DeFi & NFTs
  • Guides
  • Tools
  • Flash
  • Insights
  • Subscribe
No Result
View All Result
Crypto News
No Result
View All Result
Home Market

Phishing scammers now exploiting Google’s infrastructure to target crypto users

admin by admin
April 25, 2025
in Market
0
Phishing scammers now exploiting Google’s infrastructure to target crypto users
189
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter



Phishing scams targeting crypto users have become more advanced, with attackers abusing Google’s infrastructure to conduct highly convincing attacks.

On April 16, Nick Johnson, the founder and lead developer of Ethereum Name Service (ENS), raised concerns over a fresh method cybercriminals use to compromise Gmail accounts and potentially target associated crypto wallets.

How phishing attackers are using Google to their advantage

According to Johnson, the attackers exploit a loophole in Google’s ecosystem that allows them to send phishing emails that appear genuine security alerts from the tech giant itself.

These emails are signed with valid DomainKeys Identified Mail (DKIM) signatures, enabling them to bypass spam filters and appear authentic to recipients.

Once opened, these emails direct users to a counterfeit support portal hosted on a Google subdomain. This fake page prompts victims to log in and upload sensitive documents.

However, Johnson warned that the attackers are likely harvesting credentials, which could compromise Gmail accounts and any services linked to those emails.

The phishing sites are built using Google’s Sites platform, which allows custom scripts and embedded content.

While this flexibility benefits legitimate users, it also allows malicious actors to create convincing phishing portals. Even more concerning is that there’s currently no way to report abuse directly through the Google Sites interface, making it easier for attackers to keep their content online.

He said:

“Google long ago realised that hosting public, user-specified content on google.com is a bad idea, but Google Sites has stuck around. IMO they need to disable scrips and arbitrary embeds in Sites; this is too powerful a phishing vector.”

To further enhance the illusion of legitimacy, the scammers create a Google OAuth application that formats and shares the phishing message. These messages are always complete with structured text and what appears to be contact information for Google Legal Support.

Google’s response

Johnson reported that he submitted a bug report to Google about this vulnerability.

Still, the search engine giant reportedly stated that the features work as intended and do not constitute a security issue.

Johnson wrote:

“I’ve submitted a bug report to Google about this; unfortunately they closed it as ‘Working as Intended’ and explained that they don’t consider it a security bug.”

Nevertheless, he urged Google to consider limiting script and embedding functionality to help prevent future abuse.

This incident highlights the increasing sophistication of phishing campaigns within the crypto space. According to Scam Sniffer, nearly 6,000 users lost around $6.37 million to phishing scams in March 2025 alone. In the first quarter of the year, 22,654 victims suffered total losses of $21.94 million.

Mentioned in this article




#Phishing #scammers #exploiting #Googles #infrastructure #target #crypto #users

Related articles

Fast food giant Steak ‘n Shake launches Bitcoin payments, boosts financial efficiency

Fast food giant Steak ‘n Shake launches Bitcoin payments, boosts financial efficiency

May 27, 2025
Bo Hines declares the US won’t sell Bitcoin, seek endless accumulation for strategic reserve

Bo Hines declares the US won’t sell Bitcoin, seek endless accumulation for strategic reserve

May 27, 2025
Tags: 15 sei sei to unlock 12024 17 peoplean infiltration attempt there pbeing adopted on pos it iscirca 2017 blockchainclear loopholes in hong kong scryptocrypto walletexploitingfounder and lead developer offresh method cybercriminalsGoogleGoogleshurt people they hurtInfrastructurelead developer of ethereummore than 53 000 people deadnull d 2c fillphishingproposal seeks 200scammersscammers create asolana sol and dogecoin doge alltargetthe model an opentop four footballus isolation thoughusersyou a community created repository of
Share76Tweet47

Related Posts

Fast food giant Steak ‘n Shake launches Bitcoin payments, boosts financial efficiency

Fast food giant Steak ‘n Shake launches Bitcoin payments, boosts financial efficiency

by admin
May 27, 2025
0

Fast food chain Steak ‘n Shake has expanded its payment options to include Bitcoin (BTC) at all of its locations...

Bo Hines declares the US won’t sell Bitcoin, seek endless accumulation for strategic reserve

Bo Hines declares the US won’t sell Bitcoin, seek endless accumulation for strategic reserve

by admin
May 27, 2025
0

Bo Hines told the 2025 Bitcoin Conference in Las Vegas on May 27 that the federal government will hold every...

Cetus seeks Sui community nod to unlock 2M to make users whole

Cetus seeks Sui community nod to unlock $162M to make users whole

by admin
May 27, 2025
0

Sui-based protocol Cetus said on May 27 that it can reimburse every user affected by its May 22 exploit if...

VanEck proposes mining royalty to fill US strategic Bitcoin reserve in a budget-neutral way

VanEck proposes mining royalty to fill US strategic Bitcoin reserve in a budget-neutral way

by admin
May 27, 2025
0

VanEck head of digital assets research Matthew Sigel called on US lawmakers to attach a royalty to domestic Bitcoin (BTC)...

SharpLink makes 5M Ethereum treasury plunge with Joseph Lubin’s guidance

SharpLink makes $425M Ethereum treasury plunge with Joseph Lubin’s guidance

by admin
May 27, 2025
0

SharpLink Gaming plans to establish a $425 million Ethereum (ETH) treasury under the guidance of Consensys CEO and Ethereum co-founder...

Load More
  • Trending
  • Comments
  • Latest
Bitcoin and Ethereum Stuck in Range, DOGE and XRP Gain

Bitcoin and Ethereum Stuck in Range, DOGE and XRP Gain

April 25, 2025
Saylor says Warren Buffett’s Berkshire Hathaway is Bitcoin of 20th century – Deep Insight

Saylor says Warren Buffett’s Berkshire Hathaway is Bitcoin of 20th century – Deep Insight

May 7, 2025
Amazon CEO on Crypto and NFTs, EPNS to Expand Beyond Ethereum + More News

Amazon CEO on Crypto and NFTs, EPNS to Expand Beyond Ethereum + More News

April 25, 2025
Why DeFi agents need a private brain

Why DeFi agents need a private brain

May 4, 2025
US Commodities Regulator Beefs Up Bitcoin Futures Review

US Commodities Regulator Beefs Up Bitcoin Futures Review

0
Bitcoin Hits 2018 Low as Concerns Mount on Regulation, Viability

Bitcoin Hits 2018 Low as Concerns Mount on Regulation, Viability

0
India: Bitcoin Prices Drop As Media Misinterprets Gov’s Regulation Speech

India: Bitcoin Prices Drop As Media Misinterprets Gov’s Regulation Speech

0
Bitcoin’s Main Rival Ethereum Hits A Fresh Record High: 5.55

Bitcoin’s Main Rival Ethereum Hits A Fresh Record High: $425.55

0
ASIC Sues Former Blockchain Global Exec Over M in Unpaid Customer Claims

ASIC Sues Former Blockchain Global Exec Over $20M in Unpaid Customer Claims

May 28, 2025
Crypto czar Sacks says US could possibly ‘acquire more Bitcoin’

Crypto czar Sacks says US could possibly ‘acquire more Bitcoin’

May 28, 2025
Bitcoin Traders Eye New Highs by End of Summer; Ether Rises 3% on Treasury Optimism

Bitcoin Traders Eye New Highs by End of Summer; Ether Rises 3% on Treasury Optimism

May 28, 2025
Cetus Reveals Recovery Plan, Taps SUI for Bridge Loan

Cetus Reveals Recovery Plan, Taps SUI for Bridge Loan

May 28, 2025
  • About
  • FAQ
  • Contact Us
Call us: +1 23456 JEG THEME

© 2025 Btc04.com

No Result
View All Result
  • Home
  • News
  • Market
  • Analysis
  • DeFi & NFTs
  • Guides
  • Tools
  • Flash
  • Insights
  • Subscribe
  • Contact Us

© 2025 Btc04.com