Reddit Scam Pattern
Compromised Google accounts used for chained phishing
6 reports · first seen 1 May 2026 · last seen 2 May 2026
Attackers gain access to a victim's Google or Gmail account — often via a fake sponsor form or permission request — then weaponise the trusted account to send phishing emails to thousands of contacts or hijack linked services such as YouTube channels.
How the scam works
Trusted-sender account takeover with credential-harvesting links, bulk contact phishing, and silent carrier-billing redirects via mobile browsers.
Brands impersonated
Member posts on Reddit (6)
- Accidentally clicked a phishing link looking for advice!
Victim clicked a scammer-provided Google Meet link that prompted a fake account update and initiated a malicious file download.
reddit · 1 May 2026 · phishing
- Fell For Google MFA Phishing
A victim fell for a Google phishing call after two months of fake account-recovery push notifications primed them to trust the scammer's spoofed call.
reddit · 25 Apr 2026 · phishing
- Post-phishing-attack repair process & reporting
A colleague's phished Gmail account was used two weeks later to send phishing emails to approximately 3,000 contacts in alphabetical batches, with sent messages deleted to hide the activity.
reddit · 28 Apr 2026 · phishing
- Redirect caused my operator to send verification SMS?
An Australian user clicked a link that triggered a redirect and received a legitimate carrier SMS verification code for a Google Play payment method without entering any credentials.
reddit · 27 Apr 2026 · phishing
- My google mail was hacked
Content creator with 42,000 YouTube subscribers lost access to their Google account and channel after clicking a phishing link disguised as a sponsor submission form.
reddit · 28 Apr 2026 · phishing
- Oops! I (31F) just fell for scam
A fake e-invite sent from a compromised friend's real email account requested Gmail permissions, capturing the victim's Google account login credentials.
reddit · 30 Apr 2026 · phishing