cd /news/ai-safety/ask-hn-phishing-from-646-257-4500 · home topics ai-safety article
[ARTICLE · art-25715] src=news.ycombinator.com pub= topic=ai-safety verified=true sentiment=↓ negative

Ask HN: Phishing from 646-257-4500

A user reported a phishing call from 646-257-4500 where scammers impersonated Google support and sent a convincing spoofed email with valid DKIM and SPF headers. The email passed Google's authentication checks, raising concerns about how such phishing attempts bypass security filters.

read1 min publishedJun 12, 2026

Yesterday, I got a call from 646-257-4500.

American western male voice. Very polite. They actually called me 3 times. The first two, I just hung up.

They were claiming they received a request from the google support portal for a change of phone number on my account and wanted me to verify my account.

They sent me an email which looks very much like it came from Google… even in the headers! I don't see anything intrinsically wrong in it.

Subject: Re: You are now on the phone with a verified Google Agent, your Case ID is: XXXXX. Please ask your Agent to confirm this over the phone.

  ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20251104 header.b=XXXX;
       spf=pass (google.com: domain of XXXX.XXXX.XXX@cases-outbound-prod.bounces.google.com designates 209.85.220.75 as permitted sender) smtp.mailfrom=XXX.XXX.XXX@cases-outbound-prod.bounces.google.com;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com;
       dara=pass header.i=@gmail.com
  Received: from mail-sor-f75.google.com (mail-sor-f75.google.com. [209.85.220.75])
        by mx.google.com with SMTPS id XXXX-XXXX.10.2026.06.11.14.42.06
        for 
        (Google Transport Security);
        Thu, 11 Jun 2026 14:42:06 -0700 (PDT)

They hung up immediately when they realized that I wasn’t going to read them that code.Searches for the number confirm I'm not the only one.

I guess my question is how they could send that email!?

Why isn't google filtering this out through their system?

Comments URL: https://news.ycombinator.com/item?id=48510035

Points: 2

source & further reading
news.ycombinator.com — original article Ask HN: Are you using Spec Driven Development? Anthropic Fable just deleted a .git folder of mine, what's next? I created an AI agent that finds investors that and does reachouts to investors
── more in #ai-safety 4 stories · sorted by recency
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main
Live at https://your-agent.zahid.host
Get free account → Pricing
from €0/mo · no card required
LIVE [news/ask-hn-phishing-from…] indexed:0 read:1min 2026-06-12 ·