M
Ask HN
Ask HN: Why is Google tolerating impersonation of Gmail from it's own domain?
For several weeks now I've been receiving spam impersonating Gmail. It always contain link to https://storage.googleapis.com/rightsmoves/... The email looks like this:

https://imgur.com/xyXfPI8

Even Google's own Gemini knows it's a scam:

> The URL https://storage.googleapis.com/rightsmoves/ points to a specific Google Cloud Storage bucket named "rightsmoves". Based on recent security data and web scans, this particular bucket has been associated with malicious activity, specifically phishing and "traffic stealing" schemes.

I've reported it several times via Google Cloud Platform abuse form and they ignore it.

Is it Google's total incompetence? Why are they allowing scams from their own domain?

  • ggm
  • ·
  • 7 hours ago
  • ·
  • [ - ]
I think in due course they will deal with it, but the profit centres in Google do not seem to put humans into decision making roles on customer alerted problems if the customer is a free user. If you pay for Google 1 (eg more storage) you paid for a responsive human and might have a better experience. If you are a paying customer and your paying customer identity alerted them, and they have been unresponsive that's more concerning.

So: do you pay Google for services?

That form is general availability. It's not locked to customers only.