No, it’s not phishing, it’s legit, the header match with google and the link goes to https://accounts.google.com/AccountChooser/signinchooser?continue=https%3A%2F%2Fadmin.google.com%2Fac%2Fac%2Falert%2Fdetails%3FalertId%3D3…
Why not just write the message there instead of letting me login to watch the important notification???
They know my name, yet they wrote “Dear Google Workspace Administator” as the most generic phishing attempts.
Were you expecting a Google employee to notice the issue, think “Uh oh, I better let Moonrise know about this!” and type out an email for you?
Email templates are ubiquitous and can easily insert names and any other variable.
Do you know that’s trivial to write a marketing email like
“Dear <name placeholder>…”
I get that Google is just a startup with limited resources and can’t afford expensive marketing tools, but this is a basic feature offered in every marketing email software, even free ones.
The reason is that a phishing scammer usually just got a leaked/stolen email list without names, and by stating “dear <name>” they show that it’s not a phishing.
Once you train users that generic emails with “click here to read the message” are legit, then phishers have an easier life.
In this specific case they’re just announcing that a Google service that nobody was using has been killed (as is tradition) and they’re going to delete the data, there’s no reason at all to have a “click here to read”.