CoinTelegraph
Casa co-founder Jameson Lopp has issued a warning about a phishing technique that exploits legitimate Google recovery forms to conceal malicious links. Attackers embed harmful URLs inside long messages padded with blank space, making the dangerous content invisible at a glance while the message itself appears to originate from a trusted Google channel.
The technique is notable because it weaponises a real Google infrastructure tool, bypassing the instinctive trust filters most users apply when they see a Google-branded sender. Crypto holders, who are high-value phishing targets, should treat any unexpected Google recovery message with the same scepticism as an unsolicited DM — verify through official channels directly, never through a link embedded in the message itself.
TheBlock
WuBlockchain
CoinDesk