Google Chat, formerly known as “Google Hangouts”, is a chat-based messaging app that gives businesses and regular users a space to collaborate and catch up for free. The app is wildly popular, boasting over 10 million downloads on Google Play alone. But as with other platforms like LinkedIn, its large, predominantly professional user base also makes it a magnet for cyber scammers.
Unlike messaging apps like Signal, Google Chat’s security reputation isn’t great. Conversations on the platform are largely unmonitored and accounts can be reached by anyone with a Gmail email address – making users more vulnerable to unwanted advances. Falling prey to scams on Google Chat isn’t inevitable, though.
We’ve spoken to real businesses that have fallen victim to Google Chat scams to save you from making the same mistakes. From your standard-issue phishing attacks to less typical cases of sextortion, here are six scams to be aware of on Google Chat, and advice on how to avoid them.
What are Google Chat Scams?
Google Chat scams refer to any type of cybercrime that takes place on the Workspace platform. Scams take a variety of forms: some grifters send chat requests to users directly, while others try and move conversations to Google Chat from social media sites to take advantage of the app’s lackluster security settings.
Due to the platform’s overwhelmingly professional clientele, Google Chat scams tend to mirror cons spotted on other sites like LinkedIn. But cons aren’t just focused around the nine till five, with romance and sextortion scams also becoming more prevalent on the app in recent years.
Here’s our summary of the most common scams currently circulating Google Chat:
- Google Chat Phishing Scams
- Google Chat Technical Support Scam
- Google Chat Fake Job Offers
- Google Chat Romance Scams
- Google Chat Sextortion Scams
- Google Chat Bogus Giveaways
- Google Chat Crypto Scams
Google Chat Phishing Scams
Unsurprisingly, the most popular scam to be aware of on Google Chat is phishing – a social engineering practice where criminals masque as reputable sources in an attempt to lure sensitive information from victims.
Due to its low barrier to entry and relatively high success rate, phishing scams are now the most common type of cyber attack in the US, and Google Chat’s public access makes it one of the easiest platforms for phishers to target.
Nikita Sherbina from the SaaS company Aiscreen.io almost fell victim to the hustle after receiving a seemingly innocuous message that claimed to be from a well-known client.
“The message contained a link that appeared to be a shared document, but upon closer inspection, it led to a fraudulent login page” Sherbina tells Tech.co. Fortunately, her IT department was quick to shut the request down, but not all Google Chat users are this luckily.
A phishing scam spotted at the University of Miami. Source: miamioh.eduDaily
Google Chat user Rhett Stubbendeck from LeverageRx fell victim prey to the ruse after receiving a “seemingly innocent notification appeared from a very trusted financial institution”.
“What happened afterwards was very unsettling”, he tells Tech.co. “My business accounts were compromised, which gave access to unauthorized parties and gave way to potential data breaches.”
How to avoid this scam: While the rise of generative AI is making phishing requests increasingly hard to decipher from the real deal, telltale signs include an inflated sense of urgency, requests for private information, and misspelled or suspicious-looking email addresses.
Learn more about some red flags to look out for in our guide to avoiding phishing emails.
Google Chat Technical Support Scam
Another common tactic plaguing Google Chat is IT support scams.
Also known as technical support scams, this type of fraud involves fake IT teams reaching out to users and claiming they’ve found a problem with their device. The scammer will then urge the target to install applications to safeguard their systems, or click on a link to resolve the problem.
Humayun Saleem, a marketing consultant for Clashify, told us about a time when his colleague was targeted by this type of scam.
“The scammer claimed their computer was compromised and offered assistance for a fee” Saleem told us. Luckily, his teammate realized it was a scam before any damage was done.
“My colleague wisely ignored the message, highlighting the importance of skepticism and verifying the legitimacy of such claims.”
Similarly to LinkedIn, this scam is pervasive on Google Chat as the platform primarily caters to professional communities. There are a number of tell-tale signs that indicate requests may be illegitimate, though.
How to avoid this scam: Legitimate tech platforms like Google Chat won’t contact you on the app to notify you about errors on your account.
Real IT teams rarely ask you to click on links to resolve issues, either. So if you’re notified about a technical issue on your account try and reach out to service providers directly before following through with any requests.
Google Chat Fake Job Offers
As layoffs sweep across the US, cybercriminals are using fake interview scams to exploit willing candidates looking for work.
Typically, scammers will do a little background research before setting up the honey trap. This may involve logging your employment history on LinkedIn or googling your name to see what sector you’re currently working in.
Fake job interview taking place on Google Chat. Source: reddit.com
It’s common for fake recruiters to reach out to you via LinkedIn or email first, before setting up an “interview” on Google Chat where they’ll continue the charade and try to entice you about the proposed job offer. The perpetrator will then request some type of fee in order for you to move forwards with the process.
Liam Lucas, CEO and Founder of the digital tech company Off Road Genius told us about a time he nearly fell prey to a fake job offer scam.
“I’ve encountered fake job offers where the scammer promises a high-paying job in return for a fee” Lucas shared. In his case, the fee that was demanded was “purportedly for background checks or training materials”, but luckily he declined the bogus offer before any hard-earned cash was exchanged.
How to avoid this scam: Real recruiters will never demand payments before moving you along the onboarding process. Be wary of any company that makes such requests, and do your background research before getting excited about a new job opportunity.
Google Chat Romance Scams
While Google Chat may be an unlikely place to find love, the platform is a popular destination for romance scams, a type of crime where grifters feign a romantic interest with targets before attempting to extort them.
Romance scams are typically orchestrated by international criminal groups who scope out victims on dating sites like Tinder or Bumble. After establishing a rapport with targets, bad actors will try and move the courting process over to platforms with weaker security protocols like Google Chat.
According to Australian psychologist Monica Whitty, perpetrators will then try to develop hyperpersonal relationships with the victim until they feel like they’re ready to depart with their money.
Romance scammer posing as a military doctor. Source dailymail.co.uk
Due to the scam’s reliance on emotional manipulation and deception, Whitty explains the ruse often causes a “double-hit” among victims, as those targeted are left with financial damages alongside the abrupt loss of a personal relationship.
Unfortunately for susceptible singletons, instances of romance scams have shot up 91% since Covid-19, with women making up two-thirds of reported victims.
How to avoid this scam: If someone you meet online asks to move the chat over to third-party messaging apps like Google Chat, immediately question their movies. Also, don’t share financial information or any other personal details before meeting up in person.
Google Chat Sextortion Scams
Sextortion is a type of blackmail where criminals threaten to publish private, sexual content if victims don’t meet their demands.
While cases of sextortion are on the rise across most platforms, Google Chat’s current settings – which don’t allow users to delete chat history for both parties – make it the platform particularly well-suited to scammers looking to engage in this type of crime.
Like romance scams, the particularly distressing type of scam is normally established on dating platforms before being moved to apps like Google Chat. Then, after both parties are using the platform, the scammers will work on building trust, before eventually requesting compromising images, videos, or information from the target.
But it’s not just those handing over sensitive materials that are at risk. It’s becoming increasingly common for sextortion scammers to create sexually explicit content from benign images of victims using photo editors and AI technology – opening the scam up to a much wider pool of potential prey.
How to avoid this scam: Be weary of user that suddenly steer the conversation towards sexual themes and refrain from sharing explicit content with unverified accounts.
If you suspect someone is blackmailing you on Google Chat, document all potential evidence, instantly report the suspect to the platform, and contact the authorities.
Google Chat Bogus Giveaways
Everyone loves a freebie. But with this type of online crime, the only party getting a reward is the scammers.
Google Chat giveaway scams take place when cybercriminals reach out to users on the platform, claiming that they’ve won a payout, product, or service. The grifter will pretend to be a credible organization and ask targets to hand over financial information in order for the prize to be released.
The scam can take many forms, but Google Lotto and Google Pop-up scams are especially common on the platform. Both types of fraud target Google users and ask them to complete a survey or enter personal information to claim their winnings.
Google Chat prize scam. Source: support.google.com
Not all bogus giveaways claim affiliation with Google, though. Tina Grant, tech manager at aerospheres, told us about a personal experience a relative had with this type of scam.
“They eventually got him to share is credit card details for “security verification” and to pay for “shipping”. They completed a $2,800 transaction on his card.” – Tina Grant, Tech Manager at aerospheres
“(My dad) was told he won an Apple hamper from his bank and being someone who always wanted to use Apple but never really “got to it”, he decided to reply” Grant revealed. Unfortunately for her father, he parted with $2,800 before realizing the prize was a hoax.
How to avoid this scam: Unfortunately, if a giveaway seems too good to be true, it probably is. If you haven’t entered a competition or sweepstakes, any claim that you’ve won a prize should be a giant red flag – especially if they’re requesting personal information.
Google Chat Crypto Scams
While our understanding is that crypto scams aren’t as common on Google Chat as they are on other platforms – and they’re certainly less prevalent than tech support or fake giveaway scams referenced above – they’re still worth watching out for.
Cryptocurrency has been providing hackers with the perfect cover for their scams for several years now, as they take advantage of the many legitimate (but arguably still questionable) investment tip-offs and opportunities lining our social media and email inboxes, along with the ones we see pushed by trading influencers online on a near-daily basis.
In Google Chat crypto scams – as well as crypto investment cons taking place on other platforms – lucrative investment opportunities with near 100% returns and next to no risk are often advertised as a simple way to get rich quickly. The way the value of cryptocurrencies like Bitcoin has grown over time, as well as the hype around new, exciting digital currencies like Ethereum, make it strangely easy for hackers to convince the average punter that their tip-off is genuine.
How to avoid this scam: The ol’ if it’s too good to be true, it probably is line is worth trotting out here for a reality check. If an investment opportunity really is low-risk and can guarantee a purported high reward, why is it being farmed out to people’s message, social media, and email inboxes, and not front page headlines? No one should be making any investments off the back of unsolicited text messages.
Is Google Chat Safe?
Google Chat offers several built-in security features like end-to-end encryption and automatic phishing detection, giving users a decent guarantee of protection. Like many messaging apps, the provider uses Transport Layer Security (TLS) to encrypt messages sent between devices and its servers.
However, Google Chat’s low barrier to entry and external domain messaging options make it a lot less scam-proof than other messaging platforms like Signal and Telegram. This doesn’t mean you’re destined to be duped, though. By practicing due diligence, avoiding suspicious-looking links, and keeping personal information to yourself, you stand a solid chance of remaining safe on the app.
It’s also worth knowing how Google uses your data when you use Google Chat. On a help and support page, the tech giant explains that “features like Smart Reply and spam detection, as well as a smarter product experience” can only be provided if the company can access and use chat data.
“To improve Chat’s performance and reliability,” and to help with troubleshooting in case of issues while you use Chat” Google continues, “we collect performance data and crash analytics. We also use this info to help prevent abuse of our services and for analysis.”
This is all pretty standard stuff, and Google also says on the same page that Google Chat data isn’t used for advertising. However, the company can and will access your chats in response to a legal order from the government – so bear this in mind when using the platform.
Protecting Yourself from Online Scams
In 2024, many of the online scams you’ll see lurking about are specifically tailored to the platforms they’re being spread on. In other words, hackers know that generic correspondence won’t work. This means scams are constantly changing, and often, the ones you receive via email look very different from the ones you get sent over SMS or Google Chat. This makes them pretty tough to spot at times.
However, there are still some rules to follow to avoid all phishing scams. Firstly, we’d avoid clicking any links you receive via text message purporting to link you to a legitimate company’s page. Supposedly missed a “delivery”? Log in with your reference number on your email address. Are your accounts being “deleted”? Contact the company directly. Remember, you can always open a separate line of communication with any company if something feels off.
Additionally, treat email SMS, and other correspondence trying to inject a sense of urgency into your decision-making with extreme caution. While legitimate companies like the often-impersonated PayPal might want you to “sign up now” for a limited-time offer, that’s very different from a “representative” of a company suggesting your account will be suspended immediately if you don’t hand over personal information, or pay a fee.
Another thing you can do to protect yourself is to ensure you’re never reusing passwords across accounts. Although this is more of a form of damage limitation for when your credentials for one site are compromised, it’ll ensure the hacker in question is unable to get into any of your other accounts with your information. If you’re reusing the same password over and over again, one breach is all it takes to expose everything.