Phishers Exploit Google Sites and DKIM Replay
Threat actors recently leveraged a less common approach to send bogus emails through Google's Email Infrastructure, that redirected recipients to malicious websites to harvest their credentials. Because these emails were sent from an official account, and passed the DKIM signature check, they were received as a legitimate message by many.