Google Chat, formerly known as “Google Hangouts”, is a chat-based messaging app that gives businesses and regular users a space to collaborate and catch up for free. The app is wildly popular, boasting over 10 million downloads on Google Play alone. But as with other platforms like LinkedIn, its large, predominantly professional user base also makes it a magnet for cyber scammers.
Unlike messaging apps like Signal, Google Chat's security reputation isn't great. Conversations on the platform are largely unmonitored and accounts can be reached by anyone with a Gmail email address – making users more vulnerable to unwanted advances. Falling prey to scams on Google Chat isn't inevitable, though.
We've spoken to real businesses that have fallen victim to Google Chat scams to save you from making the same mistakes. From your standard-issue phishing attacks to less typical cases of sextortion, here are six scams to be aware of on Google Chat, and advice on how to avoid them.
What are Google Chat Scams?
Google Chat scams refer to any type of cybercrime that takes place on the Workspace platform. Scams take a variety of forms: some grifters send chat requests to users directly, while others try and move conversations to Google Chat from social media sites to take advantage of the app's lackluster security settings.
Due to the platform's overwhelmingly professional clientele, Google Chat scams tend to mirror cons spotted on other sites like LinkedIn. But cons aren't just focused around the nine till five, with romance and sextortion scams also becoming more prevalent on the app in recent years.
Here's our summary of the most common scams currently circulating Google Chat:
Google Chat Phishing Scams
Unsurprisingly, the most popular scam to be aware of on Google Chat is phishing – a social engineering practice where criminals masque as reputable sources in an attempt to lure sensitive information from victims.
Due to its low barrier to entry and relatively high success rate, phishing scams are now the most common type of cyber attack in the US, and Google Chat's public access makes it one of the easiest platforms for phishers to target.
Nikita Sherbina from the SaaS company Aiscreen.io almost fell victim to the hustle after receiving a seemingly innocuous message that claimed to be from a well-known client.
“The message contained a link that appeared to be a shared document, but upon closer inspection, it led to a fraudulent login page” Sherbina tells Tech.co. Fortunately, her IT department was quick to shut the request down, but not all Google Chat users are this luckily.
Daily Google Chat user Rhett Stubbendeck from LeverageRx fell victim prey to the ruse after receiving a “seemingly innocent notification appeared from a very trusted financial institution”.
“What happened afterwards was very unsettling”, he tells Tech.co. “My business accounts were compromised, which gave access to unauthorized parties and gave way to potential data breaches.”
How to avoid this scam: While the rise of generative AI is making phishing requests increasingly hard to decipher from the real deal, telltale signs include an inflated sense of urgency, requests for private information, and misspelled or suspicious-looking email addresses.
Learn more about some red flags to look out for in our guide to avoiding phishing emails.
Google Chat Technical Support Scam
Another common tactic plaguing Google Chat is IT support scams.
Also known as technical support scams, this type of fraud involves fake IT teams reaching out to users and claiming they've found a problem with their device. The scammer will then urge the target to install applications to safeguard their systems, or click on a link to resolve the problem.
Humayun Saleem, a marketing consultant for Clashify, told us about a time when his colleague was targeted by this type of scam.
“The scammer claimed their computer was compromised and offered assistance for a fee” Saleem told us. Luckily, his teammate realized it was a scam before any damage was done.
“My colleague wisely ignored the message, highlighting the importance of skepticism and verifying the legitimacy of such claims.”
Similarly to LinkedIn, this scam is pervasive on Google Chat as the platform primarily caters to professional communities. There are a number of tell-tale signs that indicate requests may be illegitimate, though.
How to avoid this scam: Legitimate tech platforms like Google Chat won't contact you on the app to notify you about errors on your account.
Real IT teams rarely ask you to click on links to resolve issues, either. So if you're notified about a technical issue on your account try and reach out to service providers directly before following through with any requests.
Google Chat Fake Job Offers
As layoffs sweep across the US, cybercriminals are using fake interview scams to exploit willing candidates looking for work.
Typically, scammers will do a little background research before setting up the honey trap. This may involve logging your employment history on LinkedIn or googling your name to see what sector you're currently working in.
It's common for fake recruiters to reach out to you via LinkedIn or email first, before setting up an “interview” on Google Chat where they'll continue the charade and try to entice you about the proposed job offer. The perpetrator will then request some type of fee in order for you to move forwards with the process.
Liam Lucas, CEO and Founder of the digital tech company Off Road Genius told us about a time he nearly fell prey to a fake job offer scam.
“I've encountered fake job offers where the scammer promises a high-paying job in return for a fee” Lucas shared. In his case, the fee that was demanded was “purportedly for background checks or training materials”, but luckily he declined the bogus offer before any hard-earned cash was exchanged.
How to avoid this scam: Real recruiters will never demand payments before moving you along the onboarding process. Be wary of any company that makes such requests, and do your background research before getting excited about a new job opportunity.
Google Chat Romance Scams
While Google Chat may be an unlikely place to find love, the platform is a popular destination for romance scams, a type of crime where grifters feign a romantic interest with targets before attempting to extort them.
Romance scams are typically orchestrated by international criminal groups who scope out victims on dating sites like Tinder or Bumble. After establishing a rapport with targets, bad actors will try and move the courting process over to platforms with weaker security protocols like Google Chat.
According to Australian psychologist Monica Whitty, perpetrators will then try to develop hyperpersonal relationships with the victim until they feel like they're ready to depart with their money.
Due to the scam's reliance on emotional manipulation and deception, Whitty explains the ruse often causes a “double-hit” among victims, as those targeted are left with financial damages alongside the abrupt loss of a personal relationship.
Unfortunately for susceptible singletons, instances of romance scams have shot up 91% since Covid-19, with women making up two-thirds of reported victims.
How to avoid this scam: If someone you meet online asks to move the chat over to third-party messaging apps like Google Chat, immediately question their movies. Also, don't share financial information or any other personal details before meeting up in person.
Google Chat Sextortion Scams
Sextortion is a type of blackmail where criminals threaten to publish private, sexual content if victims don't meet their demands.
While cases of sextortion are on the rise across most platforms, Google Chat's current settings – which don't allow users to delete chat history for both parties – make it the platform particularly well-suited to scammers looking to engage in this type of crime.
Like romance scams, the particularly distressing type of scam is normally established on dating platforms before being moved to apps like Google Chat. Then, after both parties are using the platform, the scammers will work on building trust, before eventually requesting compromising images, videos, or information from the target.
But it's not just those handing over sensitive materials that are at risk. It's becoming increasingly common for sextortion scammers to create sexually explicit content from benign images of victims using photo editors and AI technology – opening the scam up to a much wider pool of potential prey.
How to avoid this scam: Be weary of user that suddenly steer the conversation towards sexual themes and refrain from sharing explicit content with unverified accounts.
Google Chat Bogus Giveaways
Everyone loves a freebie. But with this type of online crime, the only party getting a reward is the scammers.
Google Chat giveaway scams take place when cybercriminals reach out to users on the platform, claiming that they've won a payout, product, or service. The grifter will pretend to be a credible organization and ask targets to hand over financial information in order for the prize to be released.
The scam can take many forms, but Google Lotto and Google Pop-up scams are especially common on the platform. Both types of fraud target Google users and ask them to complete a survey or enter personal information to claim their winnings.
Not all bogus giveaways claim affiliation with Google, though. Tina Grant, tech manager at aerospheres, told us about a personal experience a relative had with this type of scam.
“They eventually got him to share is credit card details for “security verification” and to pay for “shipping”. They completed a $2,800 transaction on his card.” – Tina Grant, Tech Manager at aerospheres
“(My dad) was told he won an Apple hamper from his bank and being someone who always wanted to use Apple but never really “got to it”, he decided to reply” Grant revealed. Unfortunately for her father, he parted with $2,800 before realizing the prize was a hoax.
How to avoid this scam: Unfortunately, if a giveaway seems too good to be true, it probably is. If you haven't entered a competition or sweepstakes, any claim that you've won a prize should be a giant red flag – especially if they're requesting personal information.
Is Google Chat Safe?
Google Chat offers a number of in-built security features like end-to-end encryption and automatic phishing detection, giving users a decent guarantee of protection. However, Google Chat's low barrier to entry and external domain messaging options make it a lot less scam-proof than other messaging platforms like Signal and Telegram.
This doesn't mean you're destined to be duped, though. By practicing due diligence, avoiding suspicious-looking links, and keeping personal information to yourself, you stand a solid chance of remaining safe on the app.