For the record, this is a Clem Meredith Headhunter phishing email attempt that has recently been going around, with the subject "Confidential Search for Principal Consultant, Enterprise Data Strategy within Financial Services".
What to do? Report them; go to the bottom of the page.
From: Clem Meredith <clemmeredith.bs@gmail.com>
Subject: Confidential Search for Principal Consultant, Enterprise Data Strategy within Financial Services
Phishing Link
1. https://confidential-mail.google.com/msg/ALxs4W7NZaIraMlILN5qzd_kLMssjUchAFPNppXaHZfnWx5ifRRNfUM4ukyRUKKRUbbJw2FnDm5A1vNXMsPHumZ5y-fcn08OBuiwjG9s_lBV1GSQ2k97WSBoMK3auZKf2-iq
Yes, the structure of this link is valid. It is an official URL format used by Google for Gmail's Confidential Mode.
When a user sends an email using Gmail Confidential Mode to a non-Gmail recipient (like an Outlook, Yahoo, or corporate email address), the email body is not sent directly.confidential-mail.google.com.
Key Things to Know Before Clicking:
Verify the Sender: Since scammers frequently use Google services to mask phishing attempts, ensure you actually know and trust the person who sent you this email.
Identity Verification: When you click a valid link like this, Google will usually require you to log in with your recipient email or request a one-time SMS passcode (if the sender enabled it) to verify your identity before revealing the message.
Expiration: These links are temporary. Senders can set them to expire anywhere from 1 day to 5 years, or they can revoke access manually at any time.
If it has expired, the link will no longer work.
Safety Tip: If you received this link in an unexpected email from an unknown sender, do not interact with it or provide any personal details, as it could be a phishing attempt designed to exploit Google's trusted domain.
How to tell this is a Phishing email?
- Check the sender's email address in full; if it's not from the originating company, then it's phishing.
- Hover over all links in the email; if they don't point to the company's website, then forget it.
- The best way is to look at the message source; see below.
Use an AI
Gemini Response: Yes, there is an incredibly high probability that this is a spear-phishing email.
- Do not click any buttons like "View Email" or "Request Passcode."
- Do not reply to the message to ask if it's real; this just confirms to the attacker that your email address is active.
- Report it: Mark the email as "Report Phishing" directly within your Gmail interface so Google's automated filters can block the infrastructure behind it.
How to examine Email Message Source?
Now let's look at the message source:
- Outlook.com->Actions->View Message Source.
- Gmail.com->More (down arrow to top right)->Show original.
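The checks from "How to tell this is a Phishing email?" (sender address, link hosts, message source headers), run over a saved message source. This is an added example, not part of the original post. The message source is constructed, and recruiter-firm.example is a hypothetical domain for the company the sender claims to represent.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: a short free-webmail list; extend it for your environment.
FREEMAIL = {"gmail.com", "outlook.com", "hotmail.com", "yahoo.com"}

# Constructed message source (not the real headers of the email above).
SAMPLE_SOURCE = """\
From: Clem Meredith <clemmeredith.bs@gmail.com>
To: recipient@example.com
Subject: Confidential Search for Principal Consultant
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass header.d=gmail.com
Content-Type: text/plain; charset="utf-8"

This message was sent with confidential mode.
View the email: https://confidential-mail.google.com/msg/EXAMPLE-TOKEN
"""

def in_domains(host, domains):
    """True if host equals, or is a subdomain of, any listed domain."""
    return any(host == d or host.endswith("." + d) for d in domains)

def triage(source, org_domains):
    """Apply the sender, link and header checks to a raw message source."""
    msg = message_from_string(source)
    sender = parseaddr(msg.get("From", ""))[1]
    sender_domain = sender.rpartition("@")[2].lower()
    # Collect text from every non-multipart part, then pull out link hosts.
    body = "\n".join(p.get_payload(decode=True).decode(errors="replace")
                     for p in msg.walk() if not p.is_multipart())
    hosts = sorted({urlparse(u).hostname or "" for u in re.findall(r"https?://[^\s<>]+", body)})
    # spf/dkim "pass" only shows the mail really came from that domain's servers.
    auth = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)",
                           " ".join(msg.get_all("Authentication-Results", []))))
    matches_org = in_domains(sender_domain, org_domains)
    offsite = [h for h in hosts if not in_domains(h, org_domains)]
    return {"sender_domain": sender_domain,
            "freemail_sender": sender_domain in FREEMAIL,
            "sender_matches_org": matches_org,
            "link_hosts": hosts, "offsite_links": offsite, "auth": auth,
            "suspicious": (not matches_org) or bool(offsite)}

if __name__ == "__main__":
    # Hypothetical domain for the firm the sender claims to represent.
    for key, value in triage(SAMPLE_SOURCE, {"recruiter-firm.example"}).items():
        print(f"{key}: {value}")
```

On this sample SPF and DKIM both pass, which only confirms the mail came through Gmail; the free-webmail sender domain and the off-site link are what flag it.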
-------------------------------------------------------------------------------------------------------------
Report Phishing Email (not as Spam)
- Outlook.com->Junk (at Top)->Phishing Scam
- Gmail.com->More (down-arrow to top right)->Report Phishing
