How to Spot the New Google Scam That Looks Real — and What to Do If You See It

A convincing new scam targeting Google users is making the rounds. It shows up as an official-looking alert about a problem with your account, often including a phone number to call or a link to click. The design mimics Google’s real notifications so closely that even careful users might hesitate. Here’s what we know about how it works, why it’s effective, and what you can do to protect yourself.

What Happened

According to a recent report from Reader’s Digest, scammers are sending fake Google account alerts by email, text, or even through browser pop-up messages. These alerts claim something urgent — like suspicious sign-in activity, a compromised password, or an account suspension. The message urges you to call a toll-free number or click a link to “verify your identity” or “secure your account.”

If you call the number, a person claiming to be a Google support agent answers. They’ll ask for your account email and password, and sometimes a verification code sent to your phone. If you click the link, you land on a page that looks nearly identical to a real Google login page. Either way, your credentials end up in the hands of scammers.

The scam works because it uses official-looking branding, realistic language, and a sense of urgency. Google does send security alerts — but never by phone call, and never asking you to call a random number or click an unfamiliar link. All legitimate Google communications come from addresses ending in @google.com or through the official Google Account page at myaccount.google.com.

Why It Matters

This particular scam is dangerous because it exploits the trust people have in Google. Many of us rely on Gmail, Google Drive, Google Photos, and other services. Losing access to a Google account can mean losing years of emails, documents, and contacts — and it can also allow scammers to reset passwords for other accounts linked to that email.

The “Google support call” tactic is especially convincing because the scammers often spoof the caller ID to show a Google or California number. They may already know some details about you from data breaches, which makes them sound legitimate. Once they have your password and a two‑factor authentication (2FA) code, they can lock you out and use your account for phishing campaigns or other fraud.

The urgency is intentional. When you panic about losing access, you’re less likely to double‑check details. That’s why understanding the scam in advance matters — knowing what to expect can keep you from falling for it.

What Readers Can Do

If you encounter a message that claims to be from Google and asks you to call a number or click a link, here are the steps to take:

  1. Do not call the number and do not click any links. Close the message or pop‑up. If you’re unsure about the status of your account, go directly to myaccount.google.com and sign in normally. Check for any real alerts there.

  2. Report the scam. Forward phishing emails to [email protected]. For text messages, take a screenshot and send it to Google’s abuse team using the form at support.google.com. You can also report it to the FTC at ReportFraud.ftc.gov.

  3. Secure your account immediately. If you think you may have entered your credentials on a fake page, change your password right away. Enable two‑factor authentication if you haven’t already — preferably using a hardware key or an authenticator app, not SMS. Review your recovery email and phone number. Check for any unauthorized devices or activity in your Google account security settings.

  4. Stay informed about common tactics. Google will never call you unsolicited about account issues. They will never ask for your password or a verification code over the phone. Legitimate alerts come through the official channels, and they never include a phone number to call.

  5. Use a password manager to generate and store unique, strong passwords for all your accounts. That way, even if one account is compromised, scammers can’t reuse that password elsewhere.

The best defense is skepticism. When you get an unexpected alert that demands immediate action, pause. Go to the service directly — don’t use the contact info provided in the message. That one extra step can save you from a lot of trouble.

Sources: Reader’s Digest report on the scam (April 2026); Google’s official security guidelines at support.google.com; FTC resources on phishing.