517

Google sends emails that 100% look like phishing (feddit.it)

submitted 1 month ago by Moonrise2473@feddit.it to c/mildlyinfuriating@lemmy.world

32 comments fedilink hide all child comments

No, it's not phishing, it's legit, the header match with google and the link goes to https://accounts.google.com/AccountChooser/signinchooser?continue=https%3A%2F%2Fadmin.google.com%2Fac%2Fac%2Falert%2Fdetails%3FalertId%3D3...

Why not just write the message there instead of letting me login to watch the important notification?????????????????

top 32 comments

sorted by: hot top controversial new old

[-] Moonrise2473@feddit.it 162 points 1 month ago

The content of this "important notification" is that to remind me that on January 18, 2025, they will delete the data of Google Currents, because they killed it. I even didn't know what that product was.

[-] Swedneck@discuss.tchncs.de 23 points 1 month ago

google currents sounds like some sort of phenomenon, like an ocean current that pushes stuff onto the shore where we discover it.

[-] rxin@lemmy.blahaj.zone 5 points 1 month ago

Google Currents is the Google strategy of "The Less Products I Have The Better"

[-] Blackmist@feddit.uk 15 points 1 month ago

Google Currents

They probably just renamed it to Google Raisins.

[-] UltraMagnus0001@lemmy.world 13 points 1 month ago

So many things have died. GOOGLE KILLS.

[-] Serinus@lemmy.world 13 points 1 month ago

Goodbye Chromecast!

Hello, thing that's totally not Chromecast.

[-] mrvictory1@lemmy.world 3 points 1 month ago

At least the protocol is still alive.

[-] kautau@lemmy.world 8 points 1 month ago

https://killedbygoogle.com/

[-] Moonrise2473@feddit.it 113 points 1 month ago

They know my name, yet they wrote "Dear Google Workspace Administator" as the most generic phishing attempts.

[-] Hector_McG@programming.dev 17 points 1 month ago

I doubt more than 6 people at Google knew what it was.

[-] rxin@lemmy.blahaj.zone 9 points 1 month ago

Yeah actually, any non-spam email should always address you by name and that's a rule. Many services also have this in their e-mail footers "This e-mail is for XXXXX" etc. because a typical mass sent garbage mail won't know your name.

[-] Trainguyrom@reddthat.com 6 points 1 month ago

When I worked the email marketing opt out queue I relied heavily on the "this email was sent to [email address]" because 9/10 reports that the opt out didn't work, they had setup forwarding from one email address to another

[-] dysprosium@lemmy.dbzer0.com 50 points 1 month ago

It's also annoying that Microsoft sends links via sms using a really scratchy looking domain (aka.ms). Turns out they're legit

[-] azertyfun@sh.itjust.works 37 points 1 month ago

They got the .microsoft TLD a while back specifically for this purpose. Supposedly they want to migrate all their cloud services there, but I learned about that a year ago and I've only seen it in use once since (IIRC on Loop...)

And let's not forget about facebookmail.com, the official mail server for Facebook login notifications since 2004.

The tech is here, the risks are enormous, but the corpos don't care because they don't bear the costs of phishing attacks and governments are too impotent to enforce minimum standards of cybersecurity.

[-] tias@discuss.tchncs.de 12 points 1 month ago

Their latest iteration of Teams runs on https://teams.cloud.microsoft.

[-] azertyfun@sh.itjust.works 5 points 1 month ago* (last edited 1 month ago)

Looks like that works but my bookmark is on https://teams.microsoft.com and there's no redirect whatsoever. Hopefully they'll get there in a few months' time.

[-] Baku@aussie.zone 16 points 1 month ago

I had to make a police report yesterday, and they wanted me to upload evidence. The (text) message they sent was along the lines of: "A. Last name requests evidence from you. Click here to submit evidence. vp.au/evidence"

[-] Swedneck@discuss.tchncs.de 19 points 1 month ago

dear sirs, please submit the evidences to do the needful, very thanks.

[-] BlueSquid0741@lemmy.sdf.org 8 points 1 month ago

But there are so many dodgy similar looking ones that auto complete if you’re typing it.

I went to type in the aka.ms to find a bit locker recovery key. And didn’t realise it autocorrected to something like akam.ms and it was a super sketchy site about bit locker recovery. Luckily I realised straight away even MS wouldn’t host a website like the one I saw.

[-] reddig33@lemmy.world 4 points 1 month ago

Link shorteners are the worst.

[-] Angry_Autist@lemmy.world 1 points 1 month ago

Only reason I knew that was akamai was their hosting for their previous ISO distro system, it does look phish af.

[-] BrikoX@lemmy.zip 44 points 1 month ago

A good rule of thumb is to never click on links in emails. Always go to the domain manually.

[-] Eiri@lemmy.world 29 points 1 month ago

I can see why they would want that. They may consider email to be inherently less safe than their platform, so they don't send any sensitive information there.

Canada's government stuff also generally works that way, except without any links.

I'm not sure how legit their concerns are, but it's a thing.

Canada Revenue Agency notice

[-] Carighan@lemmy.world 14 points 1 month ago

In fact a lot of things do:

My bank
All monthly work pay notifications
All tax notifications

It's just normal to not include the actual information. But like you say, except sometimes the bank, they don't include links.

[-] MonkderVierte@lemmy.ml 1 points 1 month ago

Public services here do that too. But they then use a known local service for that.

[-] shalafi@lemmy.world 21 points 1 month ago

Reminds me of when Malwarebytes changed the interface to look like a straight up virus. LOL, we were all shitting bricks.

[-] chrisbit@leminal.space 9 points 1 month ago

Had the same reaction to this email today!

[-] possiblylinux127@lemmy.zip 2 points 1 month ago

It is better than the vendors/contractors who send emails with misspellings and attached documents

[-] thirteene@lemmy.world 2 points 1 month ago

I debated signing in multiple times myself, finally got it validated for a feature that was never enabled. Fuck off Google

this post was submitted on 13 Aug 2024

517 points (96.6% liked)

Mildly Infuriating

35043 readers

126 users here now

Home to all things "Mildly Infuriating" Not infuriating, not enraging. Mildly Infuriating. All posts should reflect that.

I want my day mildly ruined, not completely ruined. Please remember to refrain from reposting old content. If you post a post from reddit it is good practice to include a link and credit the OP. I'm not about stealing content!

It's just good to get something in this website for casual viewing whilst refreshing original content is added overtime.

Rules:

1. Be Respectful

Refrain from using harmful language pertaining to a protected characteristic: e.g. race, gender, sexuality, disability or religion.

Refrain from being argumentative when responding or commenting to posts/replies. Personal attacks are not welcome here.

...

2. No Illegal Content

Content that violates the law. Any post/comment found to be in breach of common law will be removed and given to the authorities if required.

That means: -No promoting violence/threats against any individuals

-No CSA content or Revenge Porn

-No sharing private/personal information (Doxxing)

...

3. No Spam

Posting the same post, no matter the intent is against the rules.

-If you have posted content, please refrain from re-posting said content within this community.

-Do not spam posts with intent to harass, annoy, bully, advertise, scam or harm this community.

-No posting Scams/Advertisements/Phishing Links/IP Grabbers

-No Bots, Bots will be banned from the community.

...

4. No Porn/Explicit

Content

-Do not post explicit content. Lemmy.World is not the instance for NSFW content.

-Do not post Gore or Shock Content.

...

5. No Enciting Harassment,

Brigading, Doxxing or Witch Hunts

-Do not Brigade other Communities

-No calls to action against other communities/users within Lemmy or outside of Lemmy.

-No Witch Hunts against users/communities.

-No content that harasses members within or outside of the community.

...

6. NSFW should be behind NSFW tags.

-Content that is NSFW should be behind NSFW tags.

-Content that might be distressing should be kept behind NSFW tags.

...

7. Content should match the theme of this community.

-Content should be Mildly infuriating.

-At this time we permit content that is infuriating until an infuriating community is made available.

...

8. Reposting of Reddit content is permitted, try to credit the OC.

-Please consider crediting the OC when reposting content. A name of the user or a link to the original post is sufficient.

...

Also check out:

Partnered Communities:

1.Lemmy Review

2.Lemmy Be Wholesome

3.Lemmy Shitpost

4.No Stupid Questions

5.You Should Know

6.Credible Defense

Reach out to LillianVS for inclusion on the sidebar.

All communities included on the sidebar are to be made in compliance with the instance rules.

founded 1 year ago

MODERATORS

LillianVS@lemmy.world

STRIKINGdebate2@lemmy.world

Tenthrow@lemmy.world