Google has taken action against a sophisticated account takeover scam that was able to fool even the most technical individuals. The scam targeted Zach Latta, a user who claims to be a Google Workspace expert, and nearly succeeded in taking over his account.
The scammers used a unique trick: they created a Google Workspace using a g.co subdomain, which is normally used for verified domains only. They then sent a password reset email that appeared to come from Google itself, in an attempt to gain access to the victim’s account.
However, Latta remained suspicious and asked for a genuine email sent from a Google domain to verify the authenticity of the call. The scammers were unable to provide this, which allowed Latta to realize it was a scam.
Google has since suspended the compromised account and is hardening its defenses against similar attacks. This incident serves as a reminder to users to be cautious when receiving calls or emails from what appears to be Google, especially if they are prompted to take action immediately.
In related news, other tech companies such as Apple and Microsoft have also been targeted by similar phishing scams in recent weeks. The use of passkeys, which are becoming increasingly popular, may provide a solution to these types of attacks in the future.
Source: https://www.theregister.com/2025/01/27/google_confirms_action_taken_to