Paulo Scardine


Clever phishing scam of the day

Received this message today, almost fell for it:

This links to a page with an encrypted parameter that seems to auto-fill my email address in the form.

I'm wondering how many people would follow instructions from a 3rd party claiming to be Google, and fill in sensitive information like security questions.

This is very clever:

  1. talk about a very serious matter
  2. sense of urgency (7 days deadline)
  3. email is not from, but cc to

The website certificate looks legit, but it is not that hard to get one like this:


Even this message having the classic modus operandi of a phishing attack, I got a Google support ticket opened just in case. Turn out the message is legit!!! Seriously, Google?

Topics of interest

More Related Stories