Google’s Subdomain Phishers Exploit g.co Vulnerability in Vishing Scam

In an increasingly digital world where online interactions are a daily norm, the sophistication of phishing attacks is reaching new heights as evidenced by a recent incident involving Google’s subdomain ‘g.co’ and expertly crafted vishing calls. This meticulously executed scam targeted Zach Latta, founder of Hack Club, and began with a phone call that showed “Google” on the Caller ID. The caller alerted Zach to suspicious login attempts from Frankfurt, Germany. An alleged Google representative, “Chloe” from the Workspace Support team, later followed up with an email from the domain important.g.co, lending an air of credibility to the unfolding scam.

Exposing the Phishing Tactics

Initial Phone Call and Email Deception

The phone call set the stage for what seemed to be a legitimate concern about unauthorized access to Zach’s Google account. “Chloe” from Google’s Workspace Support team reassured Zach that they were there to help, and the subsequent email from the important.g.co domain appeared official enough to momentarily allay suspicions. However, Zach’s doubts surfaced due to subtle red flags, such as minor inconsistencies during the conversation and an unusual discouragement from contacting Google support directly.

As the situation evolved, another character, “Solomon,” who purportedly was Chloe’s manager, joined the call. Solomon intensified the urgency and insisted that Zach immediately enter a code sent to his phone. This code, unknown to Zach, would have granted the scammers full access to his Google account. Zach’s instincts cautioned him against proceeding, and he began to scrutinize the authenticity of the communication. His concerns grew, prompting him to investigate the origin and legitimacy of the interactions more closely.

Discovering the Vulnerability

Upon digging deeper, Zach discovered that the scammers exploited a loophole in Google Workspace, leveraged through the g.co subdomain. This vulnerability allowed them to create convincing subdomains without genuine domain verification. It was this exploited flaw that enabled the scammers to send phishing emails that appeared legitimate. The realization of this loophole within Google’s system raised significant alarms about the security implications of such vulnerabilities.

Security experts and Hack Club members identified that the issue was rooted in Google Workspace’s policies, which permitted the creation of new Workspaces under any g.co subdomain without rigorously verifying domain ownership. This permissiveness made it easier for cybercriminals to impersonate trusted entities and execute phishing scams effectively. The necessity for stringent domain verification became starkly evident to prevent such exploits. Despite the gravity of the issue, Google has yet to provide an official response, leaving users to exercise heightened caution in the interim.

Understanding the Broader Implications

Sophistication of Modern Phishing Scams

The incident involving Google’s g.co subdomain exemplified the escalating sophistication in phishing and vishing attacks. Cybercriminals are continually refining their methods, targeting even those well-versed in technology. Zach’s experience underscored the importance of remaining vigilant and questioning the authenticity of any communication, regardless of how legitimate it may appear on the surface. It highlighted that technological savviness alone is not always sufficient to thwart well-orchestrated scams.

The evolving nature of these cyberattacks necessitates comprehensive security measures and prompt addressing of any identified vulnerabilities. Organizations and individuals alike must adopt a proactive stance in scrutinizing communication channels rigorously. Recognizing phishing attempts often involves noticing minimal inconsistencies and suspicious behavior that could be easily overlooked. As phishing schemes grow increasingly complex, the need for awareness and preparedness becomes more crucial than ever.

The Need for Robust Security Measures

In a world where digital interactions have become a daily routine, the sophistication of phishing scams is becoming increasingly concerning. A recent incident involving Google’s subdomain ‘g.co’ and well-orchestrated vishing calls highlights this growing threat. The scam targeted Zach Latta, founder of Hack Club, and began with a phone call that displayed “Google” on the Caller ID. The caller informed Zach about suspicious login attempts from Frankfurt, Germany, creating a sense of urgency. Later, an alleged representative from Google’s Workspace Support team, identified as “Chloe,” followed up with an email from the domain important.g.co. The email added a layer of authenticity to the scam, making it appear credible. This meticulously crafted attack underscores the heightened risk of cyber threats in today’s digital landscape, where even tech-savvy individuals can fall prey to such schemes. It serves as a reminder to remain vigilant and skeptical of unexpected communications, even when they seem legitimate.

Explore more

Ethereum’s Fragile Recovery Faces Resistance and Low Demand

The Ethereum ecosystem is currently navigating a treacherous landscape where price action struggles to align with the technical milestones achieved during the most recent network upgrades. While the shift to a more scalable architecture was intended to invite a surge of institutional and retail capital, the reality in 2026 shows a market plagued by indecision and a noticeable lack of

macOS 28 Drops Support for Encrypted Mac OS Extended Volumes

The landscape of digital storage has shifted dramatically over the past decade, leaving legacy file systems struggling to keep pace with the rigorous security demands of modern computing environments. With the release of macOS 28, the long-standing compatibility for encrypted Mac OS Extended (HFS+) volumes has officially reached its end of life, signaling a definitive transition toward the more robust

CapCut Named 2026 Leader in AI Social Media Content Creation

The rapid evolution of generative artificial intelligence has fundamentally altered the digital landscape, shifting the burden of high-quality video production from specialized studios to the palm of every creator’s hand across the globe. By mid-2026, the demand for short-form content reached an all-time high, necessitating tools that could keep pace with the volatile trends of social media algorithms. CapCut emerged

How Will AI and RPA Shape Desktop Automation in 2026?

The integration of cognitive computing with traditional robotic process automation has fundamentally altered the way desktop environments operate across global industries today. No longer confined to the rigid, rule-based scripts of previous cycles, modern automation tools now serve as dynamic, goal-oriented assistants capable of navigating the intricacies of fragmented software landscapes. This shift has allowed organizations to bridge the significant

UiPath Navigates AI Pivot Amid Market Skepticism

The transition from legacy robotic process automation to a sophisticated, agent-centric architecture has forced enterprise software giants to fundamentally rethink their value propositions in an era defined by autonomous reasoning. This paradigm shift represents more than a mere software update; it is a complete structural overhaul that seeks to bridge the gap between simple task execution and complex cognitive decision-making.