I do think sometimes, some of these scammy spammers do have half a braincell – or they just get super lucky. I got this the other day;
And I am a google workspace user, so that seemed kinda relevant (There are fairly simple ways of finding this out so that I can be targeted, but the fact they did that [or may have done that] is impressive.
The sender address and reply-to are laughably fake though;
Unless Google are now recieving reply emails at an address registered with a German rivals email service. I think not.
The button and all the links go here;
hXXps://voluntarism395.solviase.de/970testes/$info@dijitul.co.uk
This isn’t a link Google would use – I highlighted the domain in Bold and that should be google.com or googleservices.com or something like that.
I used an isolated browser and machine to open the link, Nord blocked it but I bypassed that and it took me to a page that was “Loading” but nothing happened. Either it was trying to steal stuff in the background or install malware or something or it is now broken as its been reported.
These Google credential scams are getting more and more common now, so be aware and if you are unsure about anything at all contact me by commenting or email scams@0lly.uk.
Stay safe peeps.
Leave a Reply