A phishing scam targeting crypto users has been discovered exploiting Google’s infrastructure, raising serious concerns about online security. Ethereum Name Service founder, Nick Johnson, flagged the issue on April 16, 2025, pointing out potential vulnerabilities in Google Sites’ OAuth integration used by the scammers. Despite his efforts to report the vulnerability as a security concern, Google stated the infrastructure was functioning as intended. This has sparked frustration within the crypto community, who are concerned about using public platforms susceptible to such attacks. Although the market initially showed minimal impact on prices, the incident highlights the need for stronger cybersecurity measures in the face of growing phishing threats in the crypto industry, particularly concerning user-facing platforms.