• Latest
  • All
  • How To
phishing emails

Hackers Now Sending Phishing Emails From “[email protected]”

April 22, 2025
ios 26 apple

iOS 26: New Features To Expect Ahead of June 9 Launch

June 5, 2025
CA ranked by ITU as best in Africa ICT regulations

Kenya’s ICT Regulation Surpasses US, Crowned Africa’s Best by UN

June 5, 2025
Kenya startup funding growth

New Report: Startup Growth at Risk Due to Foreign Funding Dependence

June 5, 2025
Apple Airpods

AirPods Could Soon Answer Calls and Snap Photos Hands Free

June 5, 2025
DHgate Tablet Cases deals
instagram-edits

Instagram Adds Teleprompter to Edits App in Bid to Rival CapCut

June 5, 2025
Sora

Microsoft Brings Sora AI Video Creator to Bing App

June 5, 2025
google-ai-edge-gallery

New Google App Lets You Use AI Offline on Android

June 5, 2025
adobe-photoshop-iphone

Adobe Launches Photoshop Beta App for Android

June 5, 2025
Material 3 Expressive

Gmail and Messages Get a Colorful Makeover

June 5, 2025
Rose Njeri, the creator of Civic Email

Rose Njeri Charged With Cybercrime for Letting Kenyans Email Their MPs

June 3, 2025
Infinix Hot 60 Pro+ Leaked Design

Infinix Hot 60 Pro+ Could Be the World’s Thinnest Curved Display Phone

June 3, 2025
Infinix Note 50 Pro Review

Infinix Note 50 Pro Review: A Budget Phone Shouldn’t Be This Good

Techweez | Tech News, Reviews, Deals, Tips and How To
  • News
  • Entertainment
  • Reviews
  • Features
  • Editorial
No Result
View All Result
Techweez | Tech News, Reviews, Deals, Tips and How To
  • News
  • Entertainment
  • Reviews
  • Features
  • Editorial
No Result
View All Result
Techweez | Tech News, Reviews, Deals, Tips and How To
No Result
View All Result

Hackers Now Sending Phishing Emails From “[email protected]”

Naftary Thitu by Naftary Thitu
April 22, 2025
in News
Reading Time: 4 mins read
298
0
phishing emails

Receiving an email from Google might feel safe, but it shouldn’t anymore. A new phishing campaign is leveraging a clever mix of Google OAuth abuse and DKIM replay attacks to deliver malicious emails that appear 100% legit, straight from Google’s own servers.

This phishing attempt is a highly convincing scheme that slips past security filters and lands directly in Gmail inboxes.

Hackers have found a way to exploit Google’s trusted infrastructure to send phishing emails that look like they’re coming from Google, and they really are. Here’s how it works.

Attack Process

1. Crafting the Bait

Attackers set up a legitimate-looking Google Workspace account and create a custom OAuth app. But instead of a real app name, they stuff phishing content (like fake alerts or threats) into the app’s name field.

2. Letting Google Do the Talking

When users interact with the malicious OAuth app, Google, as part of its automated security features, sends a security alert email to the user. This email, ironically meant to notify about a new login, includes the app’s “name” (which is actually the phishing message).

3. Signed, Sealed, Delivered

Because the email is generated and sent by Google’s systems, it carries a valid DKIM signature, a digital signature that proves authenticity to email security systems.

4. Phishing Page on Google Sites

Clicking links in the phishing message leads users to a spoofed support page hosted on Google Sites, designed to look like a real Google support page, only it’s harvesting your credentials.

Source: Nick Johnson

Why This Is Dangerous

  • It bypasses spam filters: The email technically comes from Google’s servers, complete with all the proper authentication, so spam filters don’t flag it.
  • It looks legit: Even savvy users might not think twice about an email from Google.
  • It abuses trust: Hosting phishing pages on sites.google.com makes the entire attack feel even more real.

Google’s Response

Initially, Google said the behavior was “functioning as intended.” The emails were legitimate alerts triggered by user actions.

However, after cybersecurity experts like Ethereum Name Service developer Nick Johnson raised alarms, Google confirmed the abuse and started working on fixes to prevent this attack method.

How to Stay Safe

  • Enable 2FA or passkeys: Add an extra layer of protection to your Google account. It’s your first line of defense if credentials are compromised.
  • Review connected apps: Go to your Google Account → Security → Third-party access and revoke anything you don’t recognize.
  • Always double-check URLs: Before clicking on links in emails, hover to preview them, or better yet, go directly to the site manually.
  • Be skeptical of urgent language: “Your account is compromised!” and “Click here to recover!” are classic red flags.
  • Report suspicious emails: Use Gmail’s “Report phishing” option to flag malicious emails.

This phishing campaign is a textbook example of attackers using trusted systems against us. When an email passes every security check and bears Google’s own digital signature, it’s certainly a tough one to spot.

Tags: CybersecurityGmailGooglePhishing
SendShare165Tweet103
Naftary Thitu

Naftary Thitu

Tech enthusiast and ICT guru by trade, I've swapped debugging code for decoding tech trends. When I’m not wrangling with cybersecurity conundrums or geeking out over the latest gadgets, I’m busy turning techie mumbo jumbo into engaging, often hilarious, articles.

Related Posts

google-ai-edge-gallery

New Google App Lets You Use AI Offline on Android

June 5, 2025
Material 3 Expressive

Gmail and Messages Get a Colorful Makeover

June 5, 2025
google-chrome

Three Billion Chrome Browser Users at Risk from Zero Day Hack

June 3, 2025
google-veo-3

Actors and Film Crews Are Worried About Veo 3 Taking Their Jobs

May 29, 2025
Connected Africa Summit 2025

Connected Africa 2025 Day 2: Focus on Digital Inclusion & Cybersecurity

May 27, 2025
veo 3

Veo 3 by Google Sets a New Standard in AI Video Creation

May 28, 2025

Latest

ios 26 apple

iOS 26: New Features To Expect Ahead of June 9 Launch

June 5, 2025
CA ranked by ITU as best in Africa ICT regulations

Kenya’s ICT Regulation Surpasses US, Crowned Africa’s Best by UN

June 5, 2025
Kenya startup funding growth

New Report: Startup Growth at Risk Due to Foreign Funding Dependence

June 5, 2025
Apple Airpods

AirPods Could Soon Answer Calls and Snap Photos Hands Free

June 5, 2025
instagram-edits

Instagram Adds Teleprompter to Edits App in Bid to Rival CapCut

June 5, 2025
Sora

Microsoft Brings Sora AI Video Creator to Bing App

June 5, 2025

Best devices

budget smartwatches 2025

Best Budget Smartwatches To Buy in Kenya 2025

February 13, 2025

Best Infinix Smartphones To Buy in Kenya 2024

February 13, 2025

Best Laptops for Battery Life in 2024

August 21, 2024

Best “Battery Warrior” Smartphones To Buy in 2024

August 22, 2024

iOS 26: New Features To Expect Ahead of June 9 Launch

June 5, 2025

Kenya’s ICT Regulation Surpasses US, Crowned Africa’s Best by UN

June 5, 2025

Techweez is a fast growing influential source of technology news, reviews and analysis by leading tech geeks in the industry.

Follow Us

Editorials

Actors and Film Crews Are Worried About Veo 3 Taking Their Jobs

Samsung QLED TVs Now Officially Certified for Real Quantum Dot Technology

Trump’s Tariffs Will Be the End of Affordable Tech

5 Ways to Prep Your Tech for Resale

The Weaponization of PDFs: How Cybercriminals Are Exploiting a Trusted Format

Introducing A Brainbox Quiz: Techweez’s Monthly Trivia Night!

More News

New Google App Lets You Use AI Offline on Android

Adobe Launches Photoshop Beta App for Android

Gmail and Messages Get a Colorful Makeover

Rose Njeri Charged With Cybercrime for Letting Kenyans Email Their MPs

Infinix Hot 60 Pro+ Could Be the World’s Thinnest Curved Display Phone

Infinix Note 50 Pro Review: A Budget Phone Shouldn’t Be This Good

  • Terms Of Use
  • Techweez Brand
  • Privacy & Policy
  • Contact Us

© 2024 Techweez - Palahala Media Group may earn a commission when you buy through links on our sites.
A Palahala Media Group Brand. All rights reserved.
.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Techweez | Tech News, Reviews, Deals, Tips and How To
Crunchy Cookies 🍪 Ahead!

Hey there! Just a heads-up: we're big fans of cookies - both the digital and edible kind! 🍪 We use our cookies and some from third parties to ensure your browsing experience on our site is smooth sailing and secure.

 

But wait, there's more! We also use cookies to gather stats and insights on how you navigate our site. It's like getting a behind-the-scenes peek at your digital adventures!

 

Don't worry, you're in control. You can adjust your cookie settings anytime to suit your preferences. Feeling curious? Dive into our Privacy Policy for all the juicy details. Happy browsing! 🚀

Functional Always active
Listen, this legal stuff is about as exciting as watching paint dry. But it basically says we only use your stuff for what you asked us to do, and nobody else gets to peek!
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
It's those sneaky cookie crumbs websites leave behind to count visitors, like counting ants at a picnic! Totally harmless, just for fun facts. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
Hey there! Just letting you know we use some fancy gizmos to remember your preferences. This way, we can show you ads that are, well, not completely bananas.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Make cookies
{title} {title} {title}
Techweez | Tech News, Reviews, Deals, Tips and How To
Crunchy Cookies 🍪 Ahead!
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
Listen, this legal stuff is about as exciting as watching paint dry. But it basically says we only use your stuff for what you asked us to do, and nobody else gets to peek!
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
It's those sneaky cookie crumbs websites leave behind to count visitors, like counting ants at a picnic! Totally harmless, just for fun facts. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
Hey there! Just letting you know we use some fancy gizmos to remember your preferences. This way, we can show you ads that are, well, not completely bananas.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Make cookies
{title} {title} {title}
No Result
View All Result
  • News
  • Reviews
  • Features
  • Editorial
  • Automotive
  • Entertainment

© 2024 Techweez - Palahala Media Group may earn a commission when you buy through links on our sites.
A Palahala Media Group Brand. All rights reserved.
.