Received this message today, almost fell for it:
This links to a page with an encrypted parameter that seems to auto-fill my email address in the form.
I'm wondering how many people would follow instructions from a 3rd party claiming to be Google, and fill in sensitive information like security questions.
This is very clever:
- talk about a very serious matter
- sense of urgency (7 days deadline)
- email is not from google.com, but cc to firstname.lastname@example.org.
The website certificate looks legit, but it is not that hard to get one like this:
Even this message having the classic modus operandi of a phishing attack, I got a Google support ticket opened just in case. Turn out the message is legit!!! Seriously, Google?