According to Foresight News, ENS chief developer nick.eth has reported a highly complex phishing attack that exploited a vulnerability within Google's infrastructure. Despite the severity of the issue, Google has declined to address the flaw.
The developer explained that the phishing email appeared highly authentic, successfully passing DKIM signature verification and displaying normally in Gmail. It was even placed within the same conversation as other legitimate security alerts.
Attackers took advantage of Google's "Sites" service to create a seemingly trustworthy "support portal" page. This page misled users into believing it was secure due to the presence of "google.com" in the domain name.
Users are advised to exercise caution to avoid falling victim to such sophisticated phishing schemes.
