Alert ⚠️
السلام علیکم ورحمتہ اللہ وبرکاتہ
کیسے ہیں آپ سب ؟
Attackers ek original Google email ko bina badle save kar lete hain aur phir usay dubara kisi aur email account (jaise Outlook) se bhejte hain. Kyunki DKIM sirf email ke headers aur body ko check karta hai, aur wo unchanged rehte hain, is liye original DKIM signature valid rehta hai. Email kai servers se guzarta hai, lekin asli Google ka DKIM signature intact rehta hai. Is wajah se ye spoofed email SPF, DKIM aur DMARC jaise authentication checks pass kar leta hai aur user ko legit lagta hai. Source
Ye email aksar ek fake Google support link deta hai jo Google Sites par host hota hai, jisse user ko lagta hai ke site bhi asli hai. Jab user link pe click karta hai, to usay ek page pe le jaya jata hai jahan usay login karne ko kaha jata hai. Agar user apna Google username aur password enter karta hai, to attacker uska pura account control kar leta hai.Scammers psychological tactics use karte hain jaise ke fear create karna (law enforcement, lawsuit, account suspension ka dar) taake user jaldi me bina soche samjhe apni details de de. Ye attack is liye dangerous hai kyunki ye email authentication systems ka misuse karke user ka trust jeet leta hai.
Fake Google Email SE hone Wala Phishing Scam
السلام علیکم ورحمتہ اللہ وبرکاتہ
کیسے ہیں آپ سب ؟
Attackers ek original Google email ko bina badle save kar lete hain aur phir usay dubara kisi aur email account (jaise Outlook) se bhejte hain. Kyunki DKIM sirf email ke headers aur body ko check karta hai, aur wo unchanged rehte hain, is liye original DKIM signature valid rehta hai. Email kai servers se guzarta hai, lekin asli Google ka DKIM signature intact rehta hai. Is wajah se ye spoofed email SPF, DKIM aur DMARC jaise authentication checks pass kar leta hai aur user ko legit lagta hai. Source
Ye email aksar ek fake Google support link deta hai jo Google Sites par host hota hai, jisse user ko lagta hai ke site bhi asli hai. Jab user link pe click karta hai, to usay ek page pe le jaya jata hai jahan usay login karne ko kaha jata hai. Agar user apna Google username aur password enter karta hai, to attacker uska pura account control kar leta hai.Scammers psychological tactics use karte hain jaise ke fear create karna (law enforcement, lawsuit, account suspension ka dar) taake user jaldi me bina soche samjhe apni details de de. Ye attack is liye dangerous hai kyunki ye email authentication systems ka misuse karke user ka trust jeet leta hai.