Reddit Scam Pattern
Lookalike domain and compromised-account phishing
3 reports · first seen 13 July 2026 · last seen 14 July 2026
Attackers impersonate major platforms using near-identical domains or hijacked trusted accounts to deliver credential-harvesting emails or malware. Victims are lured by security alerts or peer messages that appear legitimate.
How the scam works
Lookalike domain spoofing and malware-laced files distributed via compromised accounts to capture credentials or install spyware.
Brands impersonated
Member posts on Reddit (3)
- Someone spoofed a YouTube creator’s official email to sell me fake app promotion
A developer was approached via Gmail then sent a spoofed official-domain email to fraudulently sell fake app promotion on a YouTube channel.
reddit · 13 July 2026 · phishing
- [US] Google and Discord accounts stolen, unable to reach support
A stolen friend account was used to send a malicious Minecraft modpack that installed spyware and gave the attacker full access to Google and Discord accounts.
reddit · 13 July 2026 · phishing
- Got an email NOT from no-reply@accounts.-google.com reporting "Critical security alert"
A user identified a phishing email impersonating Google's security alerts using a lookalike domain 'accounts.-google.com' with a deceptive hyphen to steal credentials.
reddit · 12 July 2026 · phishing