Phishers exploit Google Cloud emails to slip past security filters

Cybercriminals are abusing Google Cloud’s own email automation tools to deliver convincing phishing messages that bypass standard security checks, researchers warn. The campaign uses legitimate Google-branded notifications to lure victims into credential-stealing traps via multi-stage redirects. Thousands of emails targeted firms across finance, tech, manufacturing, and retail before Google moved to shut down the abuse.