Google subpoena scam

The Google subpoena scam is a type of phishing attack where fraudsters impersonate Google to create a false sense of urgency and fear.

A Google subpoena scam is a phishing attack where fraudsters impersonate Google to create a false sense of urgency and fear. They typically begin by sending an email that appears to come from no-reply@google.com, claiming to inform you of a subpoena — a formal legal request. The email will often have a subject line like “Security Alert” or “Notice of Subpoena,” making it seem urgent and legitimate. These scammers prey on your natural concern about legal matters and data privacy, hoping to trigger a reaction.

Inside the email, the scammers will falsely claim that Google has been served with a subpoena requiring the company to turn over your account data, such as emails, documents or search history. The email will then urge you to click on a link to view your “case materials.” This link typically leads to a fraudulent website, often hosted on Google Sites, which is designed to look like a genuine Google support page. This added layer of legitimacy can easily trick users into believing the request is real.

The most concerning part of this scam is that attackers are skilled at spoofing Google’s email addresses and mimicking the company’s official content. By doing so, they can bypass common security checks, such as DomainKeys Identified Mail (DKIM), which normally verifies the authenticity of an email. With this approach, the scam appears convincingly legitimate, making it easy for unsuspecting users to act impulsively — potentially exposing sensitive data or inadvertently installing malware.

Did you know? DomainKeys Identified Mail (DKIM) is an email security standard that verifies whether a message really comes from the domain it claims to be from. It uses cryptographic signatures to protect against email spoofing and phishing attacks — making your inbox just a little safer every day.