Alan Friedman of PhoneArena recently received an email from “Google Security” featuring the company’s iconic “G” rainbow icon. “WARNING! Your Pixel 6 Pro is severely damaged by 13 Malware!” the email’s header reads. Unsuspecting users will panic on reading this, not least because it claims to come from Google Security. And that’s what the attackers want. That you panic and act immediately without thinking much. The rest of the email further tries to create this sense of urgency inside you. It says your device is “62% DAMAGED by Tor.Jack Malware” injected by aggressive ads and malicious websites. These are thoughtful words to make things sound scarier. The email goes on to say that you need to immediately remove the malware from your device or you could lose sensitive information such as social media accounts, messages, images, and bank and card details. Then comes the most critical bit. As users would be panicking and looking for ways to get rid of the malware, the attackers play their next trick. They will provide you with a link or button to quickly fix everything. In this case, there’s a “Clean my Device” button which they claim is a “powerful Google-approved application” that will remove the malware instantly. But, of course, that’s not true. Instead, it’s a hyperlink that will take you to unwanted websites or show aggressive pop-up ads that may trick you into giving the attackers access to your sensitive information. So avoid clicking/tapping on this button or link at any cost. Your phone is not in any kind of danger, at least not until you tap on that link.
What should you do if you receive such phishing emails from”Google Security”?
Ahead of that, there arises another important question. How to confirm whether it’s a genuine email or a phishing attack? Well, there are enough hints of a scam in this email. Firstly, there are way too many grammatical errors here. The wording, formatting, and overall tone of the message also don’t sound genuine. They rather try to make you act fast rather than read the full email. Always remember that Google or any other reputed company will never send emails with messages like that. So if you ever receive such emails, the body or even the “From” address of which may vary, DON’T DO ANYTHING. If you can, report it as spam (on the Android Gmail app, tap the three-dot menu in the top-right and select “Report spam”) and forget it. Always use common sense and avoid tapping on any links in emails unless you are confirmed it’s a genuine one. Stay safe.
