Our latest fraud and scams advisory

May 27, 2025

[[read-time]] min read

Google’s Trust & Safety teams are sharing observations on the most recent online scam trends.

Karen Courington

Vice President of Consumer Trusted Experiences, Trust & Safety

an illustrated hero image with the text "Online Scams Advisory #2"

Editor’s Note: This scams advisory is being released ahead of the Google Safety Engineering Center’s inaugural Scams Summit on May 28.

Even as people become better at spotting potential scams, transnational crime groups continue to evolve their tactics and defraud people around the world. In 2024, the Global Anti-Scam Alliance reported that in just 12 months, scammers stole $1 trillion globally. In the U.S., the Federal Trade Commission recently shared data in March showing a 25% year-over-year increase in reported losses to fraud. Scammers are more effective and act without fear of punishment when people are uninformed about fraud and scam tactics. That’s why our teams at Google analyze, track and defend against scams — and share our observations with others.

Our latest threat advisory describes recent scam trends identified by our analysts.

1. Customer support scams

Customer support scams, where fraudsters impersonate legitimate support to steal sensitive information, are evolving.

Scammers are now exploiting user distress through social engineering and web vulnerabilities to display fake phone numbers. These scammers often rely on impersonating well-known brands. We’ve long blocked ads for third-party tech support and have a dedicated feature to provide official customer service information in Search. Additionally, Chrome recently added AI-powered protection using the on-device Gemini Nano large language model to further safeguard users from dangerous sites, including these types of scams.

a text card reading "Seek out official support channels directly by using information from packaging or contracts. Avoid unsolicited contacts or pop-ups. Never grant remote access unless certain of official support. Always verify phone numbers for authenticity."

2. Malvertising

Malvertising — when malware is distributed through online advertising — is a popular tool of bad actors. While scammers often target users seeking "free" or "cracked" versions of popular software, our teams have observed a concerning evolution. Increasingly, scammers are setting their sights on more sophisticated users — those with valuable assets like crypto wallets or individuals with significant online influence. Scammers may use malvertising as an initial step in their attack cycle, intending to commit further abuse. They often try to convince users their software is safe, even urging them to ignore security warnings or turn off antivirus.

Google actively works with trusted advertisers and partners to help prevent malware in ads. Through a combination of AI and human review, we identify and block ad creatives and accounts that lead users to download malicious software. Accounts violating Google Ads malicious software policies are immediately suspended. And, we may limit ad impressions of advertisers in the software space while they build a strong track record of trust, allowing only qualified advertisers to serve without these restrictions.

A text card sharing tips like "Download software only from official sources and verify the URL. Be skeptical of “too good to be true” offers of free versions of licensed software. Pay attention to download warnings from your browser and do not disable antivirus software. Use Enhanced Safe Browsing to detect hidden risks when downloading encrypted files."

3. Fake travel websites

Ahead of the summer vacation season, our teams have observed a spike in travel scams. Fake travel websites lure users into booking travel with a promise of “too good to be true” prices, experiences or discounts. These deceptive sites often imitate well-known hotels or pose as legitimate travel agencies, a tactic particularly prevalent during holidays and major events when people book travel via messaging apps or phone.

At Google, we strictly prohibit ads that hide or misrepresent information about a business, product or service. Ads impersonating other brands or businesses to solicit money or personal information are prohibited, and we actively monitor for this type of misrepresentation — including by suspending advertisers for egregious violations.

an illustrated text card with tips like "Be suspicious of unbelievably low prices, massive discounts, or exclusive vacation packages that seem drastically cheaper than anywhere else. Scammers use these enticing offers as bait. Verify website security and authenticity. Utilize Google tools, including "About This Result" and My Ad Center for website research. Avoid payment methods such as wire transfers or direct bank deposits, especially if requested via email or phone. Use secure payment methods with buyer protection. Confirm your booking directly with a hotel or airline. Inquire about potential hidden fees."

4. Package tracking scams

Package tracking scams exploit the widespread use of online shopping and package delivery services by sending fraudulent messages that appear to be from legitimate delivery companies. These scams often trick users into paying additional "fees" that real delivery services would never request.

Our teams have observed these scams impersonating a wide array of global brands. A key tactic is how quickly scammers adapt their websites and messages, often changing content based on when the link is sent to a user. They achieve this rapid deployment using "phishing kits" like Darcula and Xiu Gou, which mimic legitimate websites and brands almost instantly.

In Google Messages we launched Scam Detection, which uses powerful Google AI to proactively protect users from scams shared over SMS, MMS and RCS messages. When on-device AI detects suspicious patterns in messages, users will now get a messaging warning, with options to dismiss, report and block the sender, empowering users to stay safe.

an illustrated text card with tips like, "Be wary of unexpected delivery texts claiming you have a package, especially if they urge immediate action. Avoid clicking shortened or suspicious links in texts; they may hide the actual, malicious website. If expecting a package, verify its status with the shipping company or seller directly, not via a link from an unknown number. Scam texts often contain grammatical errors, misspellings, or come from unfamiliar numbers."

5. Toll road scams

Just as online shopping brought package tracking scams, the rise of cashless tolls has paved the way for toll road scams. A toll road scam involves scammers sending fraudulent text messages claiming that you owe unpaid toll fees. These scams share patterns with package tracking schemes and are often orchestrated by the same bad actor groups. This, too, is a global threat, and we’ve observed that attackers will “follow the sun,” first sending scam messages mimicking toll roads in Europe, then in the East Coast of the US, then in the West Coast, and onwards over the course of a day. These messages aren’t always the most realistic — our teams have seen cases where users are spammed with toll road fees in states that don’t operate toll roads.

Recognizing this rising threat, Google Messages recently rolled out new enhancements to detect dangerous toll road scams and other billing fee scams, warning users in real time to help them stay safe.

an illustrated text card with tips like "Pause before acting on urgent messages; question if the claim is even plausible? If you've recently used a toll road, confirm fees directly with the official operator. Watch out for typos and grammatical errors in messages. Avoid clicking links from unknown numbers or emails. Report suspicious messages using in-product tools or submit suspicious links to Safe Browsing."

As the threat from scams continues to evolve, we’re committed to keeping people informed and updated on the latest trends and techniques. You can report scams on our platforms on our help center.

POSTED IN: