Here’s what to do after receiving a Google critical security alert:
- Go to the Google’s Recent Security Activity page.
- Check each recent alert — focusing on device and location information — and try to identify any suspicious activity.
- If you detect an unauthorized sign-in attempt, click See unfamiliar activity? at the top of the page to change your password and sign out of all devices.
In most cases, the timing of the alert will correspond to a legitimate activity listed in your notifications. If no events connect to the message you received, the email could be fake.
Think you’ve got scammed? Let’s see what can be done.
What to do if you got scammed by a critical security alert
If you fall for a fake Google critical security alert email, you can take these steps to mitigate the damage:
- Immediately change the passwords of any compromised accounts using a different device.
- Cancel the relevant cards if you provided any credit card details.
- Scan for and remove any malicious software downloaded during the scam — opening a fraudulent link will most likely install malware on your device. This may require some technical know-how. If you don’t feel comfortable doing this, try a third-party malware detection software, like the one offered by VeePN (more on that in a bit).
How to avoid Google’s Critical Security Alert scam
Phishing attempts are common. But spotting a scam and avoiding it is relatively easy with a little knowledge and the right tools.
