Learn to spot scams in emails, websites and more
Learn common signs of whether an email, link, website or notification is part of a scam to breach your security, and how to avoid falling into the trap.
Features are subject to availability. The steps may look different depending on your device.
What are online scams?
Scammers may try to trick you and gain access to your Google Account or financial information. They often impersonate trustworthy companies and send legitimate-seeming emails, text messages, and automated calls.
The Golden Rules to Avoid Scams
Here are some rules to keep in mind when evaluating whether an email or website is a scam:
- Slow it down: Scams are often designed to create a sense of urgency. Take time to ask questions and think it through.
- Spot check: Do your research to double check the details you are getting. Does what they’re telling you make sense?
- Stop! Don’t send: No reputable person or agency will ever demand payment or your personal information on the spot.
When in doubt, remember: If it’s too good to be true, it isn’t true.
Impersonations
Scammers often pose as legitimate organizations like the government or nonprofits. Google is such a widely-used and trusted brand that bad actors sometimes use Google’s name to defraud and scam users.
Scams might include fraudulent job offers, fake invoices or counterfeit goods. It’s a good idea to familiarize yourself with common ruses so you can be prepared if you’re ever targeted. Review detailed examples of impersonation scams.
The same rule of thumb applies to messages from your own contacts. If someone you know emails you but their message seems odd, their account might have been hacked. Don’t reply to the message or click any links unless you can confirm the email is legitimate.
Google impersonators
Scammers impersonating Google will ask for private information that Google does not ask for from Google Account users.
Remember that Google will never:
- Ask you to provide your password or other sensitive information by email or through a link.
- Call you unsolicited and ask for any forms of identification, including verification codes.
- Email you with a call to action leading to a sign-in page of the account the email was sent to.
- Send you a text message directing you to a sign-in page.
- Send a message via text or email asking you to forward a verification code.
To check if it’s really Google trying to reach you, follow these directions.
Unexpected Prize and Lottery Scams
Do not trust a message claiming that you’ve received a prize or an amount of money from Google. These scams can be sent via email or as pop-up notifications. Often, the message asks you to provide personal information or answer questions to claim it. Learn more about other common scams by hijackers impersonating Google.
Important: Google does not run lotteries or offer spontaneous prizes like this. Do not reply with your personal details.
Tech Support Scams
Can’t remember your password? We’ve all been there. While direct support from Google is available for paid Google products, Google does not offer phone support for products that are available at no cost. Beware of third-party websites or phone calls that offer technical help or password recovery for Google. These calls and emails are not legitimate or affiliated with Google.
You can find a specific Google product’s support channel through the Help Center.
Important: Google will never charge users to recover their account credentials or change their password, or ask for sensitive information over chat, email, or phone.
Other common scams
Some scammers pose as IRS employees and demand you pay a tax debt, often with Google Play gift cards. The IRS doesn't initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. Gift cards are frequently asked for by scammers, so be alert for any requests where payment is requested through them.
Another common scam includes negotiating a vehicle sale through Google Payments, but ending with the scammer requesting payment in Google Play gift cards or a bank transfer. Scammers often request unusual payment channels for transactions in order to make it harder for the buyer to get their money back.
Important: It is a violation of our terms of service to use Google Play gift cards for anything other than purchases offered in the Google Play store.
Blackmail and Extortion
Scammers may also make threats of sharing private information, photos or videos of you and demand payment. If someone has posted your personal information or uploaded a video of you without your consent, you can request removal of content based on our Privacy Guidelines. You may also report videos that contain inappropriate content by flagging the video.
Related lessons
What is phishing?
Phishing is a common way that security is compromised. Learn how to recognize phishing so you can protect against it.
Begin lessonWhat is Malware?
Malware is malicious software that can compromise your security. Learn how to recognize it and protect yourself online.
Begin lessonProtect your Android device and Google Account from unauthorized access
You can prevent someone with physical access to your Android device from accessing your Google Account and device data with a few simple steps.
Begin lessonConnect to Wi-Fi securely
Learn to connect to Wi-Fi securely and avoid unsafe Wi-Fi networks to minimize the risk of security breaches.
Begin lesson