Google’s Latest Fraud and Scam Advice
- Tech giants track the rise of sophisticated online scams and share tips on how to protect yourself
Google’s Trust & Safety teams have published their latest advisory, detailing current and seasonal online scam trends and the strategies being employed to counter them. These observations underscore the persistent global challenge posed by sophisticated transnational crime groups that increasingly exploit vulnerable internet users for financial gain. The scope of the problem is significant: a 2025 Global Anti-Scam Alliance report indicated that 57% of adults worldwide experienced a scam in the past year, with 23% reporting financial losses. Crucially, analysts note a growing misuse of AI tools by scammers to rapidly scale and enhance their fraudulent schemes.
Key Scam Trends Monitored by Analysts
The advisory highlights several evolving threat categories, from job fraud to AI-related impersonation.
1. Online Job Scams: Targeting the Unemployed
Fraudsters are increasingly impersonating legitimate job platforms and well-known companies to target job seekers. These campaigns utilize detailed imitations of official career pages, fake recruiter profiles, and fraudulent government postings distributed via phishing emails and deceptive advertisements.
Scammers often demand upfront registration or processing fees. Simultaneously, they use fake application forms and video interviews to harvest sensitive data, including banking details and personal identification documents. These schemes also frequently serve as a way to deliver complex, harmful software, such as Remote Access Trojans (RATs) and info-stealers disguised as interview software. The consequences for victims are severe, ranging from financial theft and identity fraud to system compromise that allows for credential harvesting and corporate network infiltration.
Google maintains a strict Misrepresentation policy to prohibit fraudulent ads, including those offering fake job opportunities. Security measures like Gmail’s automated phishing detection, Google Messages Scam Detection, and 2-Step Verification are crucial defenses against credential theft. Users are reminded that a legitimate company will never require upfront payments to secure a job.
2. Negative Review Extortion Schemes: Attacking Businesses
Malicious actors have developed tactics to extort businesses by orchestrating targeted attacks using inauthentic negative reviews. The process often begins with “review-bombing,” where bad actors flood a business’s profile with fake one-star ratings to circumvent moderation systems.
Following this initial attack, the scammers contact the business owner, typically through third-party messaging apps, to demand payment. They threaten to maintain the negative reviews or escalate the attack further to coerce the business into paying. Google Maps has clear policies against fake engagement and extortion and is currently rolling out a new system that allows merchants to directly report extortion attempts for swift action. Businesses should never engage with the scammers or pay the ransom; instead, they should use the official merchant reporting form and preserve all communication records as evidence.
3. AI Product Impersonation Scams: Exploiting Enthusiasm
The strong public interest in generative AI tools is being exploited by cybercriminals as a social engineering lure. Threat actors create sophisticated scams that impersonate popular AI services, promising “free” or “exclusive” access.
These fraudulent offers manifest as malicious mobile/desktop apps, credential-stealing phishing sites, “fleeceware” apps with exorbitant fees, and malicious browser extensions. Scammers promote these traps using advanced techniques, including cloaked malvertising and hijacked social media accounts. The risks include info-stealing malware and financial loss, as well as compromised corporate networks. Google actively removes apps on Play that mimic legitimate AI services, and Safe Browsing’s Enhanced Protection mode in Chrome uses AI to provide real-time warnings against visiting malicious sites. Users should only download from official sources and remain skeptical of “too good to be true” offers.
4. Malicious VPN Apps and Extensions: Privacy Hijacked
Threat actors are distributing malicious applications disguised as legitimate VPN services to compromise user security and privacy. These actors often impersonate trusted enterprise and consumer VPN brands or use emotional lures, such as exploiting geopolitical events, to target vulnerable users seeking secure internet access.
Once installed, these apps deliver dangerous malware payloads, including info-stealers, Remote Access Trojans, and banking trojans that exfiltrate sensitive data like browsing history and financial credentials. Both Android and Google Play utilize machine learning algorithms to detect potentially harmful apps. Notably, Google Play Protect’s enhanced fraud protection pilot analyzes and automatically blocks the installation of apps that may abuse sensitive permissions when installed from non-official sources (sideloading). Users are advised to only download VPN apps from official sources, check the requested app permissions, and avoid free, unknown offers.
5. Fraud Recovery Scams: Secondary Victimization
Individuals who have already been victimized by fraud are now being targeted by secondary fraud schemes that promise asset recovery. Scammers pose as authoritative entities such as blockchain investigators, law firms, or government agencies.
These bad actors often reach targets through online advertising or by using lists of prior victims, promising to reclaim lost funds in exchange for an upfront fee. These operations are growing more sophisticated, sometimes using generative AI to create high-quality fake websites and realistic documents. This scam is particularly devastating as it compounds the victim’s initial financial and emotional trauma. Android provides advanced scam notification protections in Google Messages and Phone by Google, delivering real-time warnings before a conversation turns dangerous. It is crucial to be skeptical of unsolicited contact and to remember that legitimate recovery entities will never demand an upfront fee to guarantee asset recovery.
6. Seasonal Holiday Scams: Exploiting Urgency
Scammers consistently increase their fraudulent activity during major shopping periods, such as Black Friday and Cyber Monday, by exploiting heightened consumer demand and urgency. These seasonal campaigns use deceptive offers to lure unsuspecting shoppers, leading to widespread financial theft.
Tactics include creating fake online storefronts that appear as sponsored links, impersonating well-known brands, and running deceptive ad campaigns that promote misleading, “too good to be true” discounts on social media. Analysts also observe a surge in targeted phishing and smishing campaigns that impersonate delivery services to demand fake redelivery fees. Google’s policies against Misrepresentation and Counterfeit Products are designed to block deceptive deals. For the current shopping season, Google is focusing on package tracking scams, with new protections rolled out to Google Messages users. Furthermore, users of Google Pixel 9 and later devices who opt in to Enhanced Protection in Chrome will receive additional defense via local Gemini models and Safe Browsing. Consumers must be wary of deals that seem drastically cheaper than anywhere else and of unexpected delivery texts urging immediate action or payment.
The Role of Generative AI in Scam Detection
A key area of development in the fight against scams is the increasing use of generative AI models for protection. The integration of local Gemini models into the Enhanced Protection feature on newer Pixel devices signals a shift toward deploying advanced, on-device AI for real-time security analysis. This approach allows for faster detection of evolving threats, like sophisticated phishing sites and malicious apps, by analyzing potential risks locally before data leaves the user’s device. This technology complements cloud-based security by adding a layer of immediate, privacy-preserving defense against the rapidly shifting tactics of online criminals.
