Ask HN: Phishing attack from 646-257-4500

3 | by latchkey | 7 days ago | original post
Yesterday, I got a call from 646-257-4500.

American western male voice. Very polite. They actually called me 3 times. The first two, I just hung up.

They were claiming they received a request from the Google support portal for a change of phone number on my account and wanted me to verify my account.

They sent me an email which looks very much like it came from Google… even in the headers! I don't see anything intrinsically wrong in it.

Subject: Re: You are now on the phone with a verified Google Agent, your Case ID is: XXXXX. Please ask your Agent to confirm this over the phone.

  ARC-Authentication-Results: i=1; mx.google.com;
         dkim=pass header.i=@google.com header.s=20251104 header.b=XXXX;
         spf=pass (google.com: domain of XXXX.XXXX.XXX@cases-outbound-prod.bounces.google.com designates 209.85.220.75 as permitted sender) smtp.mailfrom=XXX.XXX.XXX@cases-outbound-prod.bounces.google.com;
         dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com;
         dara=pass header.i=@gmail.com
  Received: from mail-sor-f75.google.com (mail-sor-f75.google.com. [209.85.220.75])
          by mx.google.com with SMTPS id XXXX-XXXX.10.2026.06.11.14.42.06
          for <XXXX@gmail.com>
          (Google Transport Security);
          Thu, 11 Jun 2026 14:42:06 -0700 (PDT)

They hung up immediately when they realized that I wasn’t going to read them that code.

Searches for the number confirm I'm not the only one.

I guess my question is how they could send that email!?

Why isn't Google filtering this out through their system?
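
Added example, not part of the original post: a small parser for the ARC-Authentication-Results value quoted above, showing which identity each `pass` verdict is bound to. Those verdicts authenticate the sending domain and infrastructure; they say nothing about who caused the message to be generated or what its text claims. The function names and the simplified alignment check are assumptions of this example.

```python
import re

# Header value copied from the post (redactions as posted), unfolded onto one line.
HEADER = (
    "i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20251104 "
    "header.b=XXXX; spf=pass (google.com: domain of "
    "XXXX.XXXX.XXX@cases-outbound-prod.bounces.google.com designates "
    "209.85.220.75 as permitted sender) "
    "smtp.mailfrom=XXX.XXX.XXX@cases-outbound-prod.bounces.google.com; "
    "dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com; "
    "dara=pass header.i=@gmail.com"
)

def parse_auth_results(value):
    """Return {method: {"result": ..., "<ptype.property>": ...}} per result clause."""
    value = re.sub(r"\([^()]*\)", " ", value)        # drop parenthesised comments
    out = {}
    for part in (p.strip() for p in value.split(";")):
        m = re.match(r"([\w-]+)=(\w+)(.*)", part)     # e.g. "dkim=pass header.i=..."
        if not m or m.group(1) == "i":                # skip ARC instance, authserv-id
            continue
        props = dict(re.findall(r"(\w+\.\w+)=(\S+)", m.group(3)))
        out[m.group(1)] = {"result": m.group(2), **props}
    return out

def domain_of(identity):
    """Domain part of '@example.com' or 'user@example.com'."""
    return identity.rsplit("@", 1)[-1].lower()

def aligned(sub, parent):
    """Simplified relaxed alignment (assumption): same domain or a subdomain."""
    return sub == parent or sub.endswith("." + parent)

def summarize(value):
    r = parse_auth_results(value)
    from_dom = r["dmarc"]["header.from"].lower()
    return {
        "from_domain": from_dom,
        "dkim_aligned": r["dkim"]["result"] == "pass"
                        and aligned(domain_of(r["dkim"]["header.i"]), from_dom),
        "spf_aligned": r["spf"]["result"] == "pass"
                       and aligned(domain_of(r["spf"]["smtp.mailfrom"]), from_dom),
        "dmarc": r["dmarc"]["result"],
        # Any method beyond the three standard ones is reported as-is.
        "other": {k: v for k, v in r.items() if k not in ("dkim", "spf", "dmarc")},
    }

if __name__ == "__main__":
    print(summarize(HEADER))
```

Real relaxed alignment compares organizational domains using the Public Suffix List; the suffix check here is enough for the single header shown.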