This New Google Phishing Scam Looks Real – How to Spot It and Stay Safe
A convincing new phishing campaign is making the rounds, designed to look exactly like a legitimate Google security alert. If you receive an unexpected notification claiming unusual activity on your account, it’s worth pausing before clicking anything.
How the Scam Works
The attack arrives either as an email or a browser pop‑up that closely mimics Google’s official alert design. The message typically warns of a suspicious sign‑in attempt, a device you don’t recognize, or a security issue requiring immediate action. It includes a link that leads to what appears to be a standard Google login page.
That login page is fake. Any credentials you enter go straight to the scammers, who can then access your Gmail, Drive, and any other service linked to that account.
What makes this version particularly effective is the attention to visual detail. The logos, fonts, and layout are all close enough to the real thing that many people glance at the sender name (“Google Security”) and click without a second thought.
Red Flags to Watch For
Even well‑crafted fakes leave clues. Here are a few things to check before you act on any security alert:
- The sender’s email address. Emails from Google come from @google.com or @accounts.google.com. If you see a variation like @google-security.com, @google-verify.net, or any other domain, it’s a scam. Hover over the sender name in your email client to see the actual address.
- Urgency or threats. Scammers often write something like “Your account will be suspended within 24 hours.” Google rarely uses that kind of language in a routine notification.
- Typos and awkward phrasing. Official Google communications are generally polished. Even small grammatical mistakes or odd capitalisation can be a sign.
- The link destination. Don’t click a link in the email. Instead, hover your mouse over it (or long‑press on mobile) to preview the URL. If it doesn’t start with https://accounts.google.com or https://myaccount.google.com, don’t trust it.
If you’re unsure, open a new browser tab and go to myaccount.google.com directly. Any real security issue will appear there.
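As an added example (not code from the original article), here is a small Python check that applies the two address rules above with proper parsing, so that a host that merely starts with the trusted prefix (such as accounts.google.com.evil.net) or hides the real host behind a user@ part is still rejected. The sample message and links are constructed for illustration.

```python
from email.utils import parseaddr
from urllib.parse import urlparse

# Domains the article names as legitimate senders and login pages.
TRUSTED_SENDER_DOMAINS = {"google.com", "accounts.google.com"}
TRUSTED_LOGIN_HOSTS = {"accounts.google.com", "myaccount.google.com"}


def host_matches(host, trusted):
    """True if host equals a trusted name or is a subdomain of one.
    Matching on the dot boundary means 'google.com.evil.net' and
    'notgoogle.com' both fail; non-ASCII lookalike hosts also fail."""
    host = host.lower().rstrip(".")
    return any(host == t or host.endswith("." + t) for t in trusted)


def sender_is_trusted(from_header):
    """Check the real address in a From: header, not the display name."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return False
    domain = addr.rsplit("@", 1)[1]
    return host_matches(domain, TRUSTED_SENDER_DOMAINS)


def link_is_trusted(url):
    """Parse the URL and check scheme plus the actual hostname.
    urlparse().hostname drops any 'user@' part and port, so
    'https://accounts.google.com@evil.net/' is seen as evil.net."""
    parts = urlparse(url.strip())
    if parts.scheme != "https" or not parts.hostname:
        return False
    return host_matches(parts.hostname, TRUSTED_LOGIN_HOSTS)


def check_alert(from_header, urls):
    """Return the red flags found in an alert; an empty list means none."""
    flags = []
    if not sender_is_trusted(from_header):
        flags.append("sender domain is not google.com: " + from_header)
    for url in urls:
        if not link_is_trusted(url):
            flags.append("link host is not a Google login page: " + url)
    return flags


# Constructed sample, modelled on the campaign described in the article.
SAMPLE_FROM = "Google Security <alerts@google-security.com>"
SAMPLE_LINKS = ["https://accounts.google.com.verify-login.net/signin"]

if __name__ == "__main__":
    for flag in check_alert(SAMPLE_FROM, SAMPLE_LINKS):
        print("RED FLAG:", flag)
```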
What to Do If You Clicked
If you already entered your password on a suspicious page, act quickly:
- Change your Google password immediately. Do this from a trusted device on a fresh browser session – not from the same link. Go to myaccount.google.com and select “Security” then “Password.”
- Sign out of all other sessions. While you’re in your account settings, find the option to “Sign out of all other web sessions.” This will kick out anyone who may already have gained access.
- Enable two‑factor authentication (2FA). If you haven’t already, add a phone number or an authenticator app. Even if an attacker gets your password, they won’t be able to log in without the second factor.
- Check recent account activity. Under “Security,” look for “Recent security events” and “Your devices.” Revoke access for anything you don’t recognise.
How to Report the Scam
You can help others by forwarding the phishing email directly to Google’s abuse team: [email protected]. If you encountered the scam as a pop‑up or a fake site, use the Google Safe Browsing report form. The more reports they receive, the faster they can block the malicious URLs.
General Phishing Prevention Tips
- Never click links in unsolicited security alerts. Navigate to the service’s official website on your own instead.
- Use a password manager. It will only autofill credentials on the correct domain, making it harder to accidentally give your password to a fake site.
- Keep your browser updated. Modern browsers include built‑in phishing protection that warns you before you land on a known malicious page.
- Stay suspicious of any message that pressures you to act immediately. Legitimate companies understand that security is important – they won’t push you into a rushed decision.
No security system is perfect, but a few seconds of checking the details can save a lot of trouble. If something feels off, it probably is.