Tips and tools
to help you stay safer online
In addition to the automatic protections built into our products, here are some additional tips to help you avoid online scams and safely sign in to your apps and devices.
Avoiding online scams
and phishing attempts
- Be wary of emails from strangers
- Think twice about urgent requests
- Verify the sender’s email address
- Check for look-alike domains
- Hover before you click the link
- Ignore password resets you didn’t submit
- Ask a lot of questions
- Don’t click on links sent through texts
- Don’t share temporary credentials
- Avoid urgent requests from callers
- Listen to the warnings from built-in protections
- If in doubt, learn more about the ad and who made it
- Check URLs before clicking on unfamiliar links
- Gather insights about the webpage, store, or business using the About this result tool
- Look for official resources and be wary of unusual formatting
- If you’re a business, highlight your customer support directly on Search
Six common scams and how
you can protect yourself from them
Safety Tip: During major events, make purchases or donations only through established platforms and official event organizers.
By combining new and emerging technologies with traditional scam techniques, bad actors can swiftly react to breaking news and major events, making their schemes appear more believable.
They know that during major events, people tend to feel pressured to act quickly — whether to secure high-demand concert tickets, buy limited-edition items, or help disaster victims — and scammers use this sense of urgency to their advantage.
Google has dedicated sensitive-event policies including for Ads and Shopping, monetization on YouTube, and Play. These policies prohibit products or services that exploit, dismiss, or condone the sensitive event, and use enhanced monitoring to keep you safer during major events.

Safety Tip: Be wary of any investment advice that seems to come from celebrities or business leaders, especially on social media. Watch for unnatural facial movements or expressions in videos — these can be signs that the content is fake. Remember: If an investment opportunity sounds too good to be true, it probably is.
Scammers create fake videos and images to make it appear as though well-known public figures are promoting their schemes.
These scams combine AI-generated photos, voiceovers, or videos (often called “deepfakes”) with fabricated news articles and social-media posts to promote fraudulent investment opportunities.
The combination of familiar faces, seemingly professional content, and the promise of high returns can make these scams particularly persuasive.
In 2024, we updated our Misrepresentation Policy to address public-figure impersonation scams in Google Ads.
YouTube has long-standing policies on impersonation, forbidding content that is intended to impersonate a person or channel, and on misinformation, prohibiting content that has been technically manipulated or doctored in a way that misleads users. And we develop open tools like SynthID to watermark and identify AI-generated content.

Safety Tip: Always verify the website you’re on before making purchases. Be especially careful during major sale events — check the URL carefully, look for signs of legitimate security features, and be wary of unusually low prices or urgent time pressures. Use Google’s About this result feature to learn more about unfamiliar websites, and My Ad Center to find advertiser information such as name and location and to report a bad ad.
Scammers create fake websites that mimic legitimate shopping, travel, and retail sites. These deceptive sites often lure people with incredibly low prices on popular items, luxury goods, concert tickets, or travel deals.
Scammers also seek to manipulate business listings by trying to add fraudulent contact numbers to impersonate public business profile listings. They attempt to trick users into contacting scammers instead of legitimate customer-service representatives.
Google maintains strict policies and actively scans for and removes sites that engage in phishing, cloaking, or the impersonation of legitimate businesses.
As an additional safety layer, advertisers may be
required to complete our advertiser verification program
to verify information regarding their business or identity
to help us better understand who they are and what they
are advertising.

Safety Tip: Never give anyone remote access to your device based on an unsolicited call or message. Legitimate companies won’t contact you first about technical problems — if you need support, always reach out through the official website or phone number of the company you want to contact. You can increase your security by enabling 2-Step Verification, passkeys, or Password Manager.
Scammers pose as technical support staff from well-known companies, banks, and government agencies. They create a sense of urgency by claiming there’s a problem with your device, account, or online security, often using convincing technical language and websites that closely mimic legitimate support pages.
These scammers use sophisticated techniques like caller ID spoofing and carefully scripted conversations to appear legitimate. They adapt their approach based on their target, and their ultimate goal is to convince victims to install remote access software, which gives them control over the device and access to personal information, banking details, and the ability to make unauthorized transactions.
At Google, our systems actively detect and block suspicious tech-support sites and advertisements. Google Messages has built-in security features that can alert you if something suspicious is detected. In addition, legitimate businesses can showcase their verified customer-support options directly on Google Search, while our Safe Browsing technology helps warn users about potentially dangerous sites and downloads.

Safety Tip: Be cautious of job offers that seem too good to be true or require handling money transfers. Legitimate employers won’t ask for payment during the hiring process or require you to use your personal accounts for business transactions. Always verify job opportunities through official company websites and channels. About this result can give you more information about the online source.
Scammers sometimes target job seekers with promises of high-paying remote work and international opportunities. These fraudulent job offers may appear on legitimate job sites and on social media platforms, making them particularly difficult to identify. Scammers often pose as legitimate international companies, offering positions in areas like cryptocurrency trading, data entry, or digital marketing.
While some operations aim to collect up-front fees or personal information, others unknowingly draw victims into money-laundering schemes or other illegal activities. For example, victims might be asked to handle financial transactions or cryptocurrency transfers, unknowingly participating in criminal activities that could have serious legal consequences.
At Google, we actively monitor for these schemes and remove fraudulent job listings across our platforms. Our systems are designed to detect and block suspicious job-related content that shows signs of potential fraud. We may also require additional verification to help us understand more about the actor behind the listing.

Safety Tip: Only get loans from licensed financial institutions and official banking apps. Be very suspicious of loan apps that require access to your contacts, photos, or location — legitimate lenders don’t need this information. If an app offers instant approval with minimal documentation, it’s probably a scam. If you find an issue with an app or review on Google Play, you can flag it to our team.
Fraudulent lending apps target people who are seeking quick access to money, promising fast, easy loans with minimal paperwork. These apps are professionally designed to mimic legitimate financial services and banks. Once installed, they demand extensive access to personal information — including contacts, photos, and location data — which they may later use for harassment.
As part of these scams, victims typically receive less money than requested but must repay the full amount in addition to extremely high interest rates. When borrowers inevitably struggle with these terms, scammers use the personal data they collected to threaten and pressure them, often targeting their friends and family with harassment or threatening to share modified photos.
At Google, we maintain strict policies against deceptive financial-services apps on our platforms. We actively scan for and remove apps that request unnecessary device permissions or show signs of predatory behavior. Our Google Play Protect service helps identify and block harmful loan apps before they can be installed, and we work closely with financial regulators to identify and stop fraudulent operations. In some countries, we also require a specific verification process to advertise financial services on our platforms.


Test your scam-spotting skills
Fighting scams and fraud, every day
How to make sign in even safer
Keep your devices secure
If your phone is ever lost or stolen, you can visit your Google Account and select “Find your phone” to protect your data in a few quick steps. Whether you have an Android or iOS device, you can remotely locate and lock your phone so that no one else can use your phone or access your personal information.
Review the software you use regularly to make sure you are always running the latest version available. Some services, including the Chrome browser, can update automatically so you have the latest security features and fixes.
We take care of your device with Google Play Protect, Google’s built-in malware protection for Android, but you should always download your mobile apps from a source you trust. To keep your data protected, review your apps and delete ones you don’t use, enable app auto-updates, and limit app access to sensitive data like your location and photos.
When you are not using your computer, laptop, tablet, or phone, lock your screen to keep others from getting into your device. For added security, set your device to automatically lock when it goes to sleep.
Browse the web safely
Be careful about using public or free WiFi, even if it requires a password. These networks may not be encrypted, so when you connect to a public network, anyone in the vicinity may be able to monitor your internet activity, including the websites you visit and the information you type in there. If public or free WiFi is your only option, the Chrome browser will let you know in the address bar if your connection to a site is NOT secure.
Watch this video to learn more about the importance of using secure WiFi connections, and for tips on how to secure your own WiFi network.

When you are browsing the web — and especially if you plan to enter sensitive information like a password or credit-card number — make sure the connection to the sites you visit is secure. The default state of any connection is secure. If the connection is not secure, the Chrome browser will display a red “Not Secure” chip in the address bar. HTTPS helps keep your browsing safe by securely connecting your browser and apps to the websites you visit.
Google Location Accuracy uses publicly broadcast WiFi data from wireless access points and GPS, cell tower, and sensor data to improve location-based services. For instructions on how to opt out of having your WiFi access point collected, learn more here.