A Google subpoena scam is a type of phishing attack where fraudsters impersonate Google to create a false sense of urgency and fear. Typically, you will receive an email that appears to come from no-reply@google.com, claiming to inform you of a subpoena, a formal legal request. The email will often have a subject line like “Security Alert” or “Notice of Subpoena,” making it seem urgent and legitimate. These scammers prey on your natural concern about legal matters and data privacy, hoping to trigger a reaction. Inside the email, the scammers falsely claim that Google has been served with a subpoena requiring the company to turn over your account data, such as emails, documents, or search history. The email will then urge you to click on a link to view your “case materials.” This link typically leads to a fraudulent website, often hosted on Google Sites, which is designed to look like a genuine Google support page. The most concerning part of this scam is that attackers are skilled at spoofing Google’s email addresses and mimicking the company’s official content. By doing so, they can bypass common security checks, such as DomainKeys Identified Mail (DKIM), which normally verifies the authenticity of an email. The attackers exploited legitimate Google services to bypass traditional spam filters and used “OAuth” applications combined with DKIM workarounds to create emails that could fool even careful users. A DKIM replay attack exploits the way email authentication works, specifically using DomainKeys Identified Mail, which adds a digital signature to an email to verify its authenticity. Steps of the attack include the attacker intercepting a legitimate email from Google, preparing the replay, sending the spoofed email, relaying through other servers, and final delivery to the victim’s inbox. To avoid falling victim to Google subpoena scams, it is important to stay calm, avoid clicking any links or attachments, and verify any legal claims directly through Google’s official support channels. Phishing scams are constantly evolving, but you can significantly reduce your risk by following some best practices, including staying skeptical, inspecting emails carefully, hovering before clicking on links, enabling 2FA, using advanced spam filters, conducting regular security audits, staying updated on cybersecurity threats, and educating yourself and others.