But one new scheme is anything but sloppy. In fact, it’s polished enough to fool even tech-savvy users—because it uses Google’s own tools and trusted domains to do it.

A new phishing email making the rounds appears to come directly from no-reply@accounts.google.com, the same address used for real Google security alerts.

The message warns the recipient that a subpoena has been issued to access their Google account and includes official-looking elements like a support ticket number, account ID, and a clickable link to review the case.

The catch? That link leads to a site hosted at sites.google.com, part of the legitimate Google Sites platform.

Because the domain includes google.com, it can bypass some spam filters and lower users’ guard. It even redirects users through a real Google login page before delivering them to a fake support site mimicking the real one at support.google.com.

Cybersecurity company Kaspersky, which detailed the scam on its website, says the attack exploits the trust users and systems place in recognizable domains like google.com. The result is a convincing con that relies on users overlooking subtle clues.

Check back to Daily Voice for updates.

Click here to follow Daily Voice Northampton and receive free news updates.