Jameson Lopp, co-founder of Casa, warns of a new phishing technique that exploits legitimate Google Recovery Forms to hide malicious links in long, spaced-out messages.
He said this method makes it harder for harmful content to be detected when users glance at it. It is unclear how widespread the campaign has been or which specific groups of victims it is targeting.
The technique described involves leveraging a Google recovery form, rather than creating an entirely new fake page. Inserting malicious links into stretched content and leaving ample whitespace can reduce the likelihood of users recognizing the risk.
Lopp did not provide further details on the scope of the impact or the extent of the damage. However, this warning shows that phishing schemes are increasingly relying on legitimate services to create a sense of security and bypass users' initial checks.
