According to online reports, Slowfog founder Yuxian posted on social media that the chief developer of ENS had previously been subjected to a phishing attack that exploited a vulnerability in Google's infrastructure. The phishing gang deceived users into being targeted by law enforcement by disguising official Google phishing emails. Although Goolge escalated the confrontation. However, today, the phishing gang launched a new round of phishing attacks and will continue to lure users to the "google.com" subdomain, induce users to disclose their account passwords, and immediately add Passkey. BlockBeats previously reported that on April 16, ENS chief developer nick.eth posted that it had encountered an extremely complex phishing attack that exploited a vulnerability in Google's infrastructure, but Google refused to fix the vulnerability. He stated that the attack email looked very real, could be verified by DKIM signatures, was displayed normally by GMail, and was placed in the same conversation with other legitimate security warnings. The attacker used Google's "site" service to create a trusted "support portal" page. Because users would see that the domain name contained "google.com" and mistakenly thought it was safe, users should be cautious.