- Nick Johnson alerts Google about crypto phishing scam.
- Initial market unease but no price impact.
- Google claims operation as intended, crypto community frustrated.
Nick Johnson, founder of Ethereum Name Service, flagged a crypto phishing scam exploiting Google’s infrastructure on April 16, 2025, highlighting potential security vulnerabilities.
Phishing Scams and their Impact
The phishing scam operating through Google Sites has posed a serious security threat by integrating OAuth infrastructure with phishing vectors. Nick Johnson criticized Google for not addressing the issue as a serious security concern, highlighting the phishing potential.
“Google long ago realised that hosting public, user-specified content on google.com is a bad idea, but Google Sites has stuck around. IMO they need to disable scrips and arbitrary embeds in Sites; this is too powerful a phishing vector.” — Nick Johnson
Despite Johnson’s efforts to escalate the matter with a bug report, Google’s team remarked that the infrastructure was working as intended. This highlights a potential disconnect in perceived security threats and corporate responses from major Internet platforms.
The immediate impact on the crypto market remains minimal in terms of price changes, yet the community is increasingly alarmed about using such public platforms. Community reactions have voiced strong criticism towards Google’s approach to these kinds of security incidents.
Historically, phishing in the crypto industry has resulted in substantial annual losses, affecting retail users and increasing overall market anxiety. Users are encouraged to fortify personal security measures, as regulatory actions have yet to surface.
Phishing risks in Web3 environments might prompt tightened security protocols and improved regulatory frameworks in the long term. Such incidents underline the necessity for comprehensive cybersecurity measures within the cryptocurrency sector, especially related to trusted Internet platforms.