Warning: Read This Now If You Live In New York & Use Gmail

A "red alert" was issued regarding a scam that's so "sophisticated" it's fooling Google.

New Yorkers are told to watch out for this.

Extremely Sophisticated Gmail Scam

Canva

All Gmail users are warned to watch out for this very advanced scam that appears so real it's even fooling Google's own defenses.

Google issued a "red alert" to Gmail users regarding an “extremely sophisticated” scam that's able to bypass Google's security checks.

For all the news that the Hudson Valley is sharing make sure to follow Hudson Valley Post on Facebook, download the Hudson Valley Post Mobile

Scammers are using what appears to be a real Google-affiliated email address, "no-reply@google.com," to send fake legal notices.

Canva

Developer Nick Johnson was one of the first to break the news on X.

“The first thing to note is that this is a valid, signed email – it really was sent from no-reply@google.com," he tweeted.

The email claimed a subpoena was issued for his Google account content. It included a link to what looked like a real Google login page.

If he were to have clicked on the link and entered his login credentials on that page, hackers would get full access to his Gmail, Docs, Photos, and anything else tied to the account.

Johnson says this "extremely sophisticated phishing attack "exploits a vulnerability in Google's infrastructure, and believes many will receive this scam email, or similar ones.

That's because these emails are cryptographically signed by Google, which means they pass every one of Gmail’s usual security checks — no spam folder, no warning banners. The emails are sent directly to your regular inbox.

Can You Guess: Beloved Coffee Chain In New York Named "Worst In America"

There are also no sketchy email domains or misspellings, common signs of scam emails.

Google Confirms Threat

Canva

Google says it’s racing to roll out new protections, confirming the attack is tied to a threat actor known as Rockfoils. According to the company, updates are already going out and should fully shut down this particular attack “soon.”

We're aware of this class of targeted attack from the threat actor, Rockfoils, and have been rolling out protections for the past week," Google told Newsweek. "These protections will soon be fully deployed, which will shut down this avenue for abuse."

See More: Upstate New York Home To World's Cleanest, Most Beautiful Lake

Until then, Google advises users not to click on suspicious links, even if they appear to come from Google itself.

QUIZ: Can you identify 50 famous companies by their logos?

How well do you know the logos of 50 of the world's most famous companies? Keep scrolling to see if you can guess which icon belongs to which brand.

LOOK: This is where homes are selling the fastest right now

Stacker compiled a list of the metros where houses are selling the fastest, according to data from Redfin.

Gallery Credit: Stacker

LOOK: 25 must-visit hidden gems from across the US

From secret gardens to underground caves, Stacker compiled a list of 25 must-visit hidden gems from across the United States using travel guides, news articles, and company websites.

Gallery Credit: Abby Monteil

Filed Under: New York News

Categories: Hudson Valley News