Don't Fall For It: New Scam Threatens Gmail Users

A sophisticated new phishing scam bypasses traditional email security by abusing Google's own OAuth system. 

1  By creating a seemingly legitimate email originating from , attackers trick users into clicking a link that can compromise their accounts. This "DKIM replay" attack leverages Google's domain authentication. 

2  Users can identify this scam by carefully checking the recipient field (it won't be your direct email) and the link destination (it will be on sites.google.com, not accounts.google.com).

Google is aware of this threat and recommends two-factor authentication and passkeys as strong defenses. 

Reach out today to find how DC Cybertech can support and advise your business from becoming the victim of attempted scams and threats.