Cryptocurrency users are facing a new wave of sophisticated phishing attacks. Scammers are now using real Google accounts to send emails that appear legitimate, making it harder to spot the fraud.
Google shuts it down
A new phishing scam is targeting cryptocurrency users by exploiting Google’s account recovery system. Instead of creating fake emails, scammers are submitting genuine Google recovery requests, but they’re including a dangerous phishing link within the request details. Because these requests appear to come directly from Google, users are more likely to trust them at first.
This scam relies heavily on clever formatting. Attackers hide harmful content by adding a lot of blank space to the bottom of the email. The visible part of the message is designed to look like a legitimate Google security notification.
Bitcoin Crash Wipes Out $660 Million
XRP Volatility Ahead, Dogecoin (DOGE) Uptrend Continues, Is Toncoin (TON) Capable of Holding $2? Crypto Market Review
People are receiving email requests asking them to be added as a recovery contact, as shown in screenshots shared by those targeted. One example showed a request from suspicious email addresses, asking the recipient to review it. Hidden further in the message was a phishing link designed to steal usernames, passwords, or account access information.
Sender address exploited
This technique is especially dangerous because it bypasses a key warning sign people usually look for – the sender’s email address. Since the email is created using Google’s own systems, it can appear legitimate and slip past initial fraud checks.
Since blockchain transactions can’t be undone, people with cryptocurrency are common targets for phishing scams. If hackers gain access to wallets, exchange accounts, or recovery phrases, stolen funds are usually lost forever. Those who use DeFi platforms or have large amounts of cryptocurrency often see scams like fake login pages, requests to verify their wallets, or messages pretending to be from customer support.
As a crypto investor, I’ve been warned, and I want to share this with you: don’t click links in emails, even if they *look* legit. Instead, always open your browser, go directly to Google, your wallet provider (like MetaMask), or your exchange (like Coinbase), and check for any requests or issues from within your account dashboard. It’s a much safer way to protect your funds.
This incident shows that phishing attacks are becoming more sophisticated. They’re moving beyond obvious, badly written emails to using trusted services and legitimate platforms to trick people. Because attackers are getting more creative, it’s crucial for users to double-check every request before accessing important accounts or making financial transactions.
Read More
- Best Controller Settings for ARC Raiders
- FRONT MISSION 3: Remake coming to PS5, Xbox Series, PS4, Xbox One, and PC on January 30, 2026
- Mark Zuckerberg & Wife Priscilla Chan Make Surprise Debut at Met Gala
- Meet the cast of Good Omens season 3: All the actors and characters
- Review: Final Fantasy Tactics: The Ivalice Chronicles (PS5) – Still the Benchmark for Turn-Based Tactics
- Nippon Sangoku Is The Best New Post-Apocalyptic Anime of Spring 2026
- 7 Great Marvel Villains Who Are Currently Dead
- Welcome to Demon School! Iruma-kun season 4 release schedule: When are new episodes on Crunchyroll?
- Wistoria: Wand and Sword Season 2 release schedule: When are new episodes out?
- The Boys Season 5 Officially Ends An Era For Jensen Ackles’ Soldier Boy
2026-05-18 13:46