Tell HN: Sophisticated Google Phishing

5 points by tornato7 ↗ HN
The attacker registered for a domain identical to ours but with a different TLD. They created a Google Workspace and a Gmail address under that domain with the same email as our founder.

They then uploaded a malicious .zip file to Google Drive and shared it with our employees. The message that Google Drive delivered also included a spoofed Google login page hosted at the new domain.

Overall, it was the most convincing phishing email I've seen. We use Inky for phishing detection and it raised no flags. Luckily, nobody opened the file.

0 comments

[ 5.0 ms ] story [ 10.1 ms ] thread

No comments yet.