One Click, Half a Million Lost: Sophisticated Crypto Phishing Scam Exploits Google Services
2024-12-20
Two victims lost nearly $500,000 in cryptocurrency after clicking on a fraudulent Google account recovery prompt. Scammers used a real Google phone number, forged Google security emails, and tricked victims into clicking a Google prompt on their phones, gaining control of their Gmail accounts. One victim's mistake was storing a picture of their cryptocurrency wallet's seed phrase in Google Photos, giving the scammers easy access to their funds. This incident highlights vulnerabilities in Google's authentication system and the sophistication of scammers using Google services for high-tech phishing attacks.