How to Spot the New Google Scam That Looks Surprisingly Real

A convincing phishing scam is making the rounds, and it’s tricking even experienced Gmail users. The message arrives as a security alert from Google, warning of unusual sign-in activity or a potential breach. The design is polished, the language is professional, and the sense of urgency is strong. But the link leads to a fake login page designed to steal your credentials.

This isn’t a hypothetical threat. Reader’s Digest reported on the scam in late April 2026, warning that the fake alert can be nearly indistinguishable from a real one. If you or someone in your family uses Google services—Gmail, Drive, YouTube—this is worth understanding.

What the Scam Looks Like

The scam email typically has the following characteristics:

  • Sender address appears to be from Google, but a closer look reveals a misspelling (e.g., [email protected] or [email protected]).
  • Subject line mentions something like “Suspicious sign-in attempt” or “Security alert: new device detected.”
  • Body includes a button or link that says “Review activity” or “Secure your account.”
  • Urgency is created by saying immediate action is required, or your account will be restricted.

If you click the link, you’re taken to a page that looks exactly like the Google login screen. Enter your email and password, and the page silently captures them before redirecting you to the real Google (or showing an error). By that time, the attacker has your credentials.

Why This One Is Different

Phishing emails that claim to be from Google are nothing new. What makes this wave notable is the quality. The logos, fonts, and layout are taken directly from legitimate Google security alerts. Language errors are minimal. The landing page uses HTTPS and a domain that resembles a Google subdomain, at least at a quick glance. HTTPS only means the connection is encrypted; it says nothing about who runs the site.

This means that a person checking their email quickly, perhaps on a phone, is very likely to believe it’s real. Many people have reported forwarding the alert to friends out of concern, only later discovering it was a scam.

What Google Actually Does (and Doesn’t Do)

Google does send security alerts to your Gmail inbox. For example, if there’s a login from an unfamiliar location or device, you may get an email. However, Google’s security emails:

  • Never ask you to click a link to verify your identity or enter your password.
  • Are also visible inside your Google Account under Security > Recent security events.
  • Usually address you by name, not “Dear user” or “Google account holder.”

If you’re unsure, the safest move is to ignore the email entirely and go directly to myaccount.google.com to check for alerts. Never use a link from the message itself.

What to Do If You Receive This Email

  1. Do not click any links or download any attachments.
  2. Do not reply to the email.
  3. Report it as phishing in Gmail: open the email, click the three dots menu, and select “Report phishing.”
  4. Forward the email to [email protected] if you want to help Google block similar attempts.
  5. Delete the email after reporting.

If you entered your password on a fake login page, take action immediately:

  • Change your Google password right now. Use a strong, unique password that you haven’t used elsewhere.
  • Turn on two-factor authentication (2FA) if you haven’t already. Google prompts or an authenticator app are far more secure than SMS codes.
  • Run a Security Checkup at myaccount.google.com/security-checkup. This will show recent activity, signed-in devices, and apps with access.
  • Revoke access to any apps or devices you don’t recognize. Under “Third-party apps with account access,” remove anything suspicious.
  • Check for forwarding rules in Gmail settings. Attackers sometimes set up filters to forward your emails to themselves.

Preventing Future Attacks

Beyond reacting to a single scam, a few habits help protect you:

  • Enable two-factor authentication on your Google account. This is the single most effective step.
  • Use a password manager so you’re not tempted to reuse passwords or type them on fake sites.
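  • Hover over links before clicking. On desktop, hover your mouse cursor over any link to see the actual destination in the status bar or a small popup. If the host name is not google.com itself or a Google-owned subdomain ending in .google.com, don’t click. A name that only contains google.com, or ends with those letters without a dot in front of them, belongs to a different domain.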
  • Bookmark the Google Account page and check alerts there directly, instead of relying on email notifications.
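
The hover check above and the sender-address check from “What the Scam Looks Like,” written out as code. This is an added example, not part of the original article; the function names, sample links and sample sender are constructed for illustration, and the look-alike pattern only covers “google” with zeros swapped for the letter o.

```javascript
// Added example, not from the article. All sample values are constructed.
const BASE = "google.com";
const LOOKALIKE = /g[o0]{2}gle/i; // "google" with o/0 swaps only

// True only for google.com itself or a name ending in ".google.com".
function isGoogleHost(host) {
  const h = host.toLowerCase().replace(/\.$/, ""); // drop a trailing root dot
  return h === BASE || h.endsWith("." + BASE);
}

// Classify the destination of a link copied from an e-mail.
function checkLink(href) {
  let url;
  try {
    url = new URL(href); // WHATWG URL parser, the rules browsers apply
  } catch {
    return "invalid"; // button text or a relative path, not a destination
  }
  // url.hostname leaves out the port, the path and any user-info before "@".
  if (isGoogleHost(url.hostname)) {
    return url.protocol === "https:" ? "google" : "google-but-not-https";
  }
  // HTTPS on some other domain says nothing about who runs the page.
  return LOOKALIKE.test(url.hostname) ? "look-alike" : "other";
}

// Classify the domain part of a sender such as "Name <user@domain>".
function checkSender(from) {
  const at = from.lastIndexOf("@");
  if (at < 0) return "invalid";
  const domain = from.slice(at + 1).replace(/[>\s]+$/, "");
  if (isGoogleHost(domain)) return "google";
  return LOOKALIKE.test(domain) ? "look-alike" : "other";
}

// Constructed samples; .example is a reserved top-level domain.
const SAMPLE_LINKS = [
  "https://myaccount.google.com/security-checkup",
  "https://myaccount-google.com/signin",
  "https://accounts.google.com.security-alert.example/signin",
  "Review activity",
];
for (const link of SAMPLE_LINKS) console.log(checkLink(link), link);
console.log(checkSender("Google <security@g00gle-alerts.example>"));
```

A “google” result for a sender only means the domain text matches; From headers can be forged, so the alert list inside your Google Account remains the authority.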

Final Note

This scam is active now, but similar variants will keep appearing. The pattern is always the same: create urgency, imitate a trusted brand, and steal credentials. Taking a few seconds to verify a message can save hours of dealing with a compromised account.

If you found this helpful, consider sharing it with family members or friends who might not be familiar with phishing. A quick conversation could keep someone from losing access to their email, photos, or even their online banking accounts.

Sources

  • Reader’s Digest, “Warning! This New Google Scam Looks Totally Legit—But Whatever You Do, Don’t Click on It,” April 30, 2026.
  • Google Safety Center, “Avoid phishing and suspicious emails,” support.google.com
  • Google Security Checkup help page.