Google warns about the 5 most common scams today

As online scams become more sophisticated and prevalent, cybercriminals are constantly developing new tactics to trick unsuspecting victims.

They take advantage of advanced technology, exploit human psychology and create increasingly difficult-to-detect tricks.

In response, Google has released a list of the latest online scam trends that the company's Trust & Safety team has detected and addressed.

This list includes the five most common forms of fraud today, along with important tips to help users protect themselves from cyber risks.

1. Authentic celebrity impersonation

Scammers are using AI-powered deepfake technology to create images and videos impersonating celebrities with astonishing realism.

These fake content are often used in phishing campaigns promoting fake investments, free gifts, or malicious apps, making it easy for victims to fall for them.

According to Google, these scams are becoming more sophisticated, combining traditional impersonation and investment fraud, and exploiting multiple platforms and products in a single campaign.

Deepfake videos or images can appear on social media, online ads, or even in phishing emails, creating the illusion that a real celebrity is promoting an attractive investment opportunity or giveaway.

Safety Tips:

- Be wary of unnatural expressions or strange facial movements in videos or images you see. Deepfake technology, no matter how advanced, still struggles to accurately reproduce lip movements, eye blinks, and facial expressions, especially in low-quality videos.

- Always check the source of information, especially unusual promotions or celebrity investment appeals. If an offer seems too good to be true, look up information from reputable sources before making a decision.

2. Cryptocurrency investment scam

Cryptocurrency investment scams continue to proliferate with unrealistically high returns promised, preying on the greed and ignorance of victims.

Scammers often use images of celebrities or financial experts to create false credibility, making many people believe this is a real investment opportunity.

According to Google, many of these scams originate from organized crime syndicates, operate across borders, and target victims in other countries to avoid detection by authorities.

Scammers may use fake websites, online advertisements, or even contact victims directly via social media to convince them to invest.

Safety Tips:

- Be wary of promises of "guaranteed" or extremely high returns with no risk. Any investment that promises huge returns in a short period of time is likely a scam.

- Double check the source of information, do not trust celebrity endorsements if they do not come from their official website.

- Research the project carefully before investing, verify information through reputable financial sources and avoid platforms that lack transparency or are unregulated.

3. Copy scam

One of the most common forms of online fraud today is phishing scams, in which scammers create fake apps, fraudulent websites, or landing pages that mimic legitimate brands to trick users.

These fake websites are often designed to look almost identical to official websites with the intent of stealing personal information, committing financial fraud, or spreading malware.

One common tactic scammers use is fake tech support. They create websites or pop-ups that pretend to be customer support centers of large companies, alerting users to fake security issues and tricking them into sharing sensitive information or paying for non-existent services.

Recently, attackers have expanded their targeting to employee login portals and third-party services, creating fake login pages that mimic the look and feel of corporate systems to trick employees into entering their login credentials.

If successful, the attacker can penetrate the company's internal system, causing serious consequences such as data leakage, financial information theft or corporate account hijacking.

Safety Tips:

- Always visit the company's official website by typing the address directly into the search bar instead of clicking on suspicious links in emails or messages.

- Check carefully for unusual signs like subtle spelling errors, inconsistent fonts, strange formatting, or random emojis in suspicious emails or websites.

- Do not share personal information or make payments through unofficial channels. If you receive a suspicious request, contact the company's customer support directly to verify its authenticity.

4. Sophisticatedly conceal the phishing website

To avoid detection by Google's security and censorship systems, scammers employ sophisticated cloaking techniques to hide malicious content and lure users to fraudulent websites.

One common method they use is to show different content to Google and to actual users. This means that when Google's systems crawl a website to evaluate it, they only see valid or harmless content.

However, when users visit, this website redirects them to fraudulent websites such as investment scam sites, or malware installation sites.

This cloaking allows scammers to bypass policy-violating content scanners and extend their time before being detected and taken down. This technique is particularly dangerous because users can accidentally visit scam sites without noticing any warning signs.

Safety Tips:

- Double-check the URL (website address) before clicking any link. If the link looks suspicious, is unusually long, or has strange characters, avoid it.

- After clicking the link, double-check your browser's address bar to make sure the page you're visiting is exactly the same as the one you expected. Scammers may use subtle variations of the official domain name (e.g. "google.com" instead of "google.com") to fool users.

- If a website suddenly redirects you to other content, especially one that requires entering personal information or downloading software, exit immediately and report the page if necessary.

5. Take advantage of major events

Cybercriminals are increasingly sophisticated in exploiting important events to commit fraud, targeting people interested in or wanting to participate in these events.

They can use artificial intelligence (AI) to create deceptive content, from fake videos, fake product ads to fake charity donation campaigns.

Events commonly exploited by scammers include:

- Natural disasters (earthquakes, storms, forest fires, etc.): Fraudsters create fake charities to attract the generosity of people who want to contribute to the victims.

- Astronomical events (eclipses, comets, rare phenomena…): They advertise fraudulent products such as substandard eclipse glasses or goods that claim to be “NASA certified” when they are completely bogus.

- Sports and entertainment events (football finals, concerts with famous singers...): Scammers sell fake tickets, fake livestream links or launch investment scams related to the event.

Safety Tips:

- Only donate money and purchase products from verified, reputable platforms, such as official websites of organizations or well-known brands.

- Double check advertised information by searching on reliable sources before making a transaction.

- Be wary of websites that ask for personal information or quick payments, especially if they appear right after a major event.