New Google-Based Phishing Attack Alert

A fresh phishing campaign is exploiting Google Sites and abusing DKIM replay to deliver legit-looking, cryptographically signed emails that pass SPF, DKIM, and DMARC. These emails link to convincing credential-harvesting pages hosted on Google’s infrastructure — making them incredibly hard to detect or block.

🎯 What’s the catch?
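Attackers are leveraging previously signed messages to bypass traditional email filters and to socially engineer users into handing over their credentials. Because a replayed message keeps its signed headers and body intact, the original DKIM signature still verifies.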

🔒 What you need to do:
• Enable advanced phishing protection in your email systems
• Train users to verify where a link actually goes — even if the email looks safe
• Consider threat detection tools that go beyond standard email filtering
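
One check that goes beyond a pass/fail authentication result, as an added example (not part of the original alert): flag mail whose DKIM signature covers a `To` header that does not name the mailbox it was actually delivered to, or whose signature timestamp is much older than its arrival. The function names, the 24-hour threshold, and the assumption that the receiving server records the envelope recipient in `Delivered-To` are illustrative, and the sample message is constructed.

```python
import email
from email.utils import getaddresses, parsedate_to_datetime

# Constructed sample: a validly signed message re-sent two days later to a new mailbox.
SAMPLE = """\
Delivered-To: victim@example.org
Received: from relay.example.net by mx.example.org; Wed, 16 Apr 2025 09:30:00 +0000
Authentication-Results: mx.example.org; dkim=pass header.d=example.com
DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel1; t=1744600000;
 h=from:to:subject; bh=AAAA; b=BBBB
From: Alerts <no-reply@example.com>
To: someone-else@example.net
Subject: Security alert

Sample body.
"""

def dkim_tags(value):
    """Split a DKIM-Signature header value into its tag=value pairs."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            key, val = part.split("=", 1)
            tags[key.strip()] = "".join(val.split())  # drop folding whitespace
    return tags

def replay_indicators(raw, max_age_hours=24):
    """Return heuristic DKIM-replay indicators for one raw message."""
    msg = email.message_from_string(raw)
    tags = dkim_tags(msg.get("DKIM-Signature", ""))
    findings = []

    # 1. The signed To/Cc headers cannot be changed without breaking the
    #    signature, so a replayed copy still names the original recipient.
    #    Bcc and mailing-list mail also trip this, so treat it as a signal only.
    rcpt = (msg.get("Delivered-To") or "").strip().lower()
    named = msg.get_all("To", []) + msg.get_all("Cc", [])
    visible = {addr.lower() for _, addr in getaddresses(named)}
    if "to" in tags.get("h", "").lower().split(":") and rcpt and rcpt not in visible:
        findings.append("envelope-recipient-not-in-signed-to")

    # 2. Signature time (t=) far older than the arrival time stamped by the
    #    topmost Received header (assumed to be our own MX).
    received = msg.get("Received", "")
    if tags.get("t", "").isdigit() and ";" in received:
        arrived = parsedate_to_datetime(received.rsplit(";", 1)[1].strip())
        if arrived.timestamp() - int(tags["t"]) > max_age_hours * 3600:
            findings.append("stale-signature")
    return findings
```

Either finding on a message that otherwise shows `dkim=pass` is a reason to hold the message for review rather than proof of replay.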

This is another reminder that even trusted platforms can be weaponized. If you need help improving your phishing defenses, we’ve got your back. 💼