New Google Scam Looks Real — Here’s How to Spot It and Stay Safe
A convincing phishing attack is tricking Gmail users with official-looking alerts. Here’s what to watch for — and what to do if you’ve already clicked.
If you use Gmail or any Google service, you’ve probably received legitimate account alerts before: “Suspicious sign-in detected,” “New device added,” or “Your storage is almost full.” They come from Google, look clean, and usually prompt you to take action.
Now scammers are sending almost identical versions of those emails. The difference? The link takes you to a fake login page designed to steal your credentials.
Reports of this campaign have been circulating, including a recent article from Reader’s Digest warning readers about the tactic. The scammers rely on the same psychological hook that makes many phishing attempts work: urgency. The message claims something unusual is happening with your account, and you need to verify or secure it immediately.
What happened?
The attack starts with an email that looks like it came from Google. The subject line might say something like “Google Account: Unusual sign-in attempt” or “Action required: Verify your account.” The email uses Google’s logo, color scheme, and formatting. Often it includes a button labeled “Review activity” or “Secure your account.”
If you hover over that button — or any link in the email — the actual web address doesn’t lead to a Google domain. Instead, it points to a site that mimics Google’s login page, sometimes with a URL like accounts-google.com or google-secure-login.com. Once you enter your email and password, the scammer captures them.
This isn’t a new technique in principle, but the execution here is more polished. The emails can pass a quick glance test because they replicate official Google templates closely. Some versions also include the recipient’s real email address in the “To” field, which adds to the illusion.
Why it matters
A stolen Google account is a serious problem. Many people use Gmail as their primary email, and that account is often tied to password resets for other services — banking, social media, shopping, work tools. Once a scammer gains access, they can lock you out, send phishing emails to your contacts, and attempt to reset passwords for other accounts.
According to Google’s own security advice, the company never asks for your password by email. But in these scams, the fake page asks you to sign in, which effectively hands over your credentials. Even if you don’t enter your password, clicking the link alone may allow the scammer to track your activity or load malicious scripts, though the primary risk is credential theft.
What you can do
If the email is still in your inbox:
- Don’t click any links — not even to “unsubscribe” or “learn more.” Close the email.
- Check the sender address. Open the email and look at the full email address, not just the display name. Legitimate Google emails come from domains like @google.com, @accounts.google.com, or @mail.google.com. Scammers often use variations like @google-support.com, @googlesecure.net, or a completely unrelated domain.
- Hover over any links (without clicking) to see where they lead. If the URL doesn’t start with https://accounts.google.com or https://myaccount.google.com, it’s almost certainly fake.
- Look for clues in the message itself. Typos, generic greetings like “Dear user” instead of your name, and mismatched sender names are common red flags.
- Report the email. In Gmail, click the three dots next to the reply button and select “Report phishing.” You can also forward the email to Google’s phishing team at [email protected].
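As an added example that is not part of the original article, here is a small Python helper that applies the two checks above (sender domain and link destination) by parsing the address and the URL instead of eyeballing them. Comparing the parsed hostname is stricter than a "starts with" check: it also rejects lookalikes such as accounts-google.com and a constructed host like accounts.google.com.evil.example, where the real domain is hidden after the Google-looking prefix.

```python
from urllib.parse import urlsplit

# Hosts and sending domains the article names as legitimate for Google.
GOOGLE_LOGIN_HOSTS = {"accounts.google.com", "myaccount.google.com"}
GOOGLE_SENDER_DOMAINS = {"google.com", "accounts.google.com", "mail.google.com"}


def is_google_login_url(url: str) -> bool:
    """True only if the link is HTTPS and its parsed host is exactly one of
    Google's sign-in hosts.

    Parsing the host (rather than checking a string prefix) defeats lookalikes:
    accounts-google.com, google-secure-login.com, accounts.google.com.evil.example
    (a constructed example) and userinfo tricks such as
    https://accounts.google.com@evil.example/, where the text before '@' is a
    username and the real host is evil.example.
    """
    try:
        parts = urlsplit(url.strip())
    except ValueError:  # malformed URL (e.g. unbalanced IPv6 brackets)
        return False
    if parts.scheme.lower() != "https":
        return False
    host = (parts.hostname or "").rstrip(".").lower()  # drop trailing dot
    return host in GOOGLE_LOGIN_HOSTS


def is_google_sender(address: str) -> bool:
    """Check the bare sender address (not the display name) against Google's
    sending domains. The domain is everything after the single '@'."""
    addr = address.strip().lower()
    if addr.count("@") != 1:
        return False
    domain = addr.rsplit("@", 1)[1].rstrip(".")
    return domain in GOOGLE_SENDER_DOMAINS


if __name__ == "__main__":
    # Constructed sample links and senders, modelled on the ones in the article.
    for link in ["https://accounts.google.com/signin",
                 "https://accounts-google.com/login",
                 "https://accounts.google.com.evil.example/login",
                 "http://myaccount.google.com/"]:
        print(f"{is_google_login_url(link)!s:5} {link}")
    for sender in ["no-reply@accounts.google.com", "security@google-support.com"]:
        print(f"{is_google_sender(sender)!s:5} {sender}")
```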
If you already clicked the link or entered your password:
- Change your Google password immediately. Do this from a trusted device by going directly to https://myaccount.google.com. Do not use any links from the suspicious email.
- Enable two-factor authentication (2FA) if you haven’t already. Google’s 2FA options include phone prompts, authenticator apps, and security keys. This adds a second step that can stop scammers even if they have your password.
- Check your recent account activity. In your Google Account settings, go to “Security” and review the list of devices and recent sign-ins. If you see any unfamiliar activity, sign out of that device and remove it from your trusted list.
- Run a malware scan on your computer or phone. Some phishing pages can drop tracking scripts or keyloggers. A full scan with a trusted antivirus tool can help catch anything suspicious.
- Monitor your other accounts. If you used the same password elsewhere, change those passwords too. Enable breach alerts from Google or a service like Have I Been Pwned.
The bottom line
Scams like this one are effective because they look real enough to persuade a busy or worried person to act quickly. But the fundamentals of staying safe haven’t changed: verify the sender before you click, never enter your credentials after following an email link, and always navigate to official sites directly when you need to check your account. If an email creates a sense of panic, pause and investigate before responding.
Sources:
- Reader’s Digest, “Warning! This New Google Scam Looks Totally Legit—But Whatever You Do, Don’t Click on It” (April 2026)
- Google Safety Center, phishing reporting guidelines
- General phishing prevention guidance from the Federal Trade Commission (FTC)