Security News > 2025 > April > Phishers abuse Google OAuth to spoof Google in DKIM replay attack
2025-04-20 17:31
In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from Google's systems, passing all verifications but pointing to a fraudulent page that collected logins. [...]
News URL
Related news
- Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials (source)
- Google: 97 zero-days exploited in 2024, over 50% in spyware attacks (source)
- Threat actors abuse Google Apps Script in evasive phishing attacks (source)
- Google patches new Chrome zero-day bug exploited in attacks (source)
- Google: Hackers target Salesforce accounts in data extortion attacks (source)