In April 2025, cybersecurity experts uncovered a sophisticated phishing campaign exploiting Google Sites and DKIM replay attacks to distribute seemingly legitimate emails that redirected recipients to fraudulent sites designed to harvest credentials.

Anatomy of the Attack

 

This phishing scheme employed a multi-step process:

  1. Creation of a Google Account: Attackers established a Google account using a newly registered domain.

  2. Deployment of a Malicious OAuth Application: They developed a Google OAuth application named to mimic the content of a phishing message.

  3. Generation of a Legitimate Security Alert: When the attackers granted the OAuth app access to their Google account, Google automatically sent a security alert email to the account. This email was DKIM-signed and appeared authentic.

  4. Forwarding the Email to Targets: The attackers forwarded this legitimate-looking email to victims, preserving the DKIM signature, making it seem as though it originated from Google (The Hacker News).

  5. Redirection to a Phishing Site: The email contained a link to a Google Sites page that closely resembled a genuine Google Support page. This page prompted users to “upload additional documents” or “view the case,” leading them to a counterfeit Google Account sign-in page hosted on Google Sites.

This method allowed the phishing email to bypass standard security checks, as it passed SPF, DKIM, and DMARC validations, making it particularly deceptive.
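The following detection sketch is an added example, not part of the original article or of any vendor's product. It flags two replay indicators in a message whose DKIM signature is valid and aligned with the From domain: the SPF-authenticated envelope domain is unrelated to the From domain, and the actual recipient does not appear in the signed To/Cc headers. The header names (`Delivered-To`, the `Authentication-Results` layout) and every address in the sample are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample: headers as a receiving gateway might record them for a
# replayed alert. All addresses and domains are placeholders.
SAMPLE = """\
Delivered-To: victim@example.org
Return-Path: <bounce@relay.example.net>
Authentication-Results: mx.example.org;
 dkim=pass header.d=google.com;
 spf=pass smtp.mailfrom=relay.example.net;
 dmarc=pass header.from=google.com
From: Google <no-reply@google.com>
To: owner@newly-registered.example
Subject: Security alert

(body omitted)
"""

def domain(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else addr.lower()

def aligned(a, b):
    # Relaxed alignment approximated as equal or subdomain-of (no PSL lookup).
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def replay_indicators(raw):
    msg = message_from_string(raw)
    # Unfold the header so the regexes see one line.
    ar = " ".join(msg.get("Authentication-Results", "").split())
    dkim_d = re.search(r"dkim=pass\b[^;]*?header\.d=([\w.-]+)", ar)
    spf_mf = re.search(r"spf=pass\b[^;]*?smtp\.mailfrom=([\w.@-]+)", ar)
    from_dom = domain(parseaddr(msg.get("From", ""))[1])
    rcpt = parseaddr(msg.get("Delivered-To", ""))[1].lower()
    hdrs = msg.get_all("To", []) + msg.get_all("Cc", [])
    listed = {a.lower() for _, a in getaddresses(hdrs)}
    findings = []
    # Only meaningful when DKIM passed for a domain aligned with From.
    if dkim_d and aligned(dkim_d.group(1).lower(), from_dom):
        if spf_mf and not aligned(domain(spf_mf.group(1)), from_dom):
            findings.append("spf-domain-unaligned-with-from")
        if rcpt and rcpt not in listed:
            findings.append("recipient-not-in-signed-to")
    return findings
```

Mailing lists and Bcc delivery produce the same recipient mismatch, so these findings are signals to score or route for review, not a verdict on their own.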

How Hi-Tex Solutions Can Help

 

Hi-Tex Solutions offers a comprehensive suite of services to combat such advanced phishing attacks:

1. Advanced Email Security

Hi-Tex provides robust email security solutions that include:

  • Spam Filtering: Scanning every email through Microsoft Exchange servers to detect and block spam and malicious content.

  • Email Encryption: Ensuring that sensitive information is encrypted during transmission to prevent unauthorized access.

  • User-Friendly Management Portal: Allowing users to manage email preferences, including quarantine settings and black/white lists.

2. Email Authentication Protocols

Implementing and managing email authentication protocols such as SPF, DKIM, and DMARC to verify the legitimacy of incoming emails and prevent spoofing.

3. Security and Compliance Services

Specializing in HIPAA and PCI compliance, Hi-Tex ensures that your organization meets industry standards for data protection and security.

4. Employee Training and Awareness

Conducting regular security audits and providing training to employees to recognize and report phishing attempts, thereby strengthening the organization’s human firewall.

Protect Your Organization Today

 

In the face of evolving phishing tactics, it’s crucial to have a trusted partner to safeguard your organization’s digital assets. Hi-Tex Solutions offers tailored cybersecurity services to meet your specific needs.

For businesses in San Antonio and the surrounding areas, Hi-Tex provides local expertise with 24/7 support.

Contact Hi-Tex Solutions today to schedule a consultation and fortify your defenses against sophisticated phishing attacks.