Google’s official URL shortcut, g.co, is under attack as people have been tricked into giving up their Google account information. The phishing attempt involved a caller posing as a Google Workspace employee, claiming that the account was compromised and guiding the target to reset the account. The scam was elaborate, including creating a fake LinkedIn profile and sending a misleading two-factor code. Interestingly, the scammer exploited a bug in Google Workspace allowing them to create a fake subdomain. This incident highlights the importance of staying vigilant and verifying the legitimacy of unexpected communications. Stay safe online!
https://gist.github.com/zachlatta/f86317493654b550c689dc6509973aa4