72°
Adam Mosseri, the CEO of Instagram and Head of Product for Instagram at Facebook, said in a social media post on Threads that the scammer contacted him by phone, with a quick follow-up email.
"They said my Google account was compromised and they sent me an email to confirm my identity," wrote Mosseri, a 42-year-old New York City native who graduated from NYU. "On the phone they asked me to change my password using my Gmail app and to *not* say my new password out loud.
"What was impressive was their email came from forms-receipts-noreply@google.com and linked to sites.google.com/view…, which of course asked me to sign in…
"The email and the form both coming from secure Google domains (via Google products) might have got me if I hadn’t heard from a friend who experienced a similar attack a year ago."
As noted in an earlier Daily Voice report, because the domain includes google.com, it can bypass some spam filters and lower users’ guard.
It even redirects users through a real Google login page before delivering them to a fake support site mimicking the real one at support.google.com.
Cybersecurity company Kaspersky, which detailed the scam on its website, says the attack exploits the trust users and systems place in recognizable domains like google.com.
The result is a convincing con that relies on users overlooking subtle clues.
Check back to Daily Voice for updates.
Click here to follow Daily Voice Rutherford and receive free news updates.
