This warning comes as the company reports an increase in suspicious email activity since mid-November, coinciding with the holiday shopping season.

As the world’s largest email provider, Gmail serves over 2.5 billion users globally. Google revealed that it blocks more than 99.9% of spam, phishing attempts, and malware from reaching users’ inboxes. However, scammers continue to adapt their tactics, making this time of year particularly challenging.

Common Scams Targeting Users

Google identified three recurring scam tactics designed to exploit unsuspecting users:

1. Fake Invoices: Scammers send fraudulent invoices claiming users owe money. The goal is to get recipients to call a provided number, where they are tricked into making payments.
2. Celebrity Endorsements: Fraudsters impersonate celebrities or claim fake endorsements to gain trust and lure victims into scams. These messages often promote dubious products or deals that seem too good to be true.
3. Extortion Emails: In more alarming cases, scammers use personal details, such as home addresses, to intimidate victims. They often include threats of harm or claims of possessing sensitive information, demanding money in exchange for silence.

Tips for Staying Safe

To fight these scams, Google shared some safety tips for users:

• Pause Before Acting: Scams often create a sense of urgency. Take time to verify the message before responding.
• Check the Details: Scrutinise the sender’s email address and cross-check claims with trusted sources.
• Avoid Immediate Actions: Reputable organisations do not demand payments or sensitive information on the spot.
• Report Suspicious Activity: Mark any dubious emails as spam to help keep your inbox—and others’—secure.

Google’s enhanced security features, introduced earlier this year, have reduced the number of successful scam attempts by 35% compared to last year. 

Nonetheless, users are advised to remain cautious, especially as scammers evolve their strategies during the holiday period.

In collaboration with organisations such as the National Center for Missing and Exploited Children (NCMEC) and Thorn, the platform seeks to provide both teens and their parents with tools to recognise and avoid these scams. 

To raise awareness, Instagram is partnering with popular creators to engage teens and educate them about sextortion. 

This campaign will be accompanied by an educational video that outlines common tactics used by scammers, such as pressuring individuals to share images or attempting to shift conversations to other platforms. 

The initiative also reassures teens that falling victim to sextortion is not their fault and provides resources for seeking help.

Again, Instagram has rolled out several new safety features to disrupt potential sextortion activities. One of the most outstanding changes is the restriction on taking screenshots of images or videos sent via direct messages, particularly content set to “view once” or “allow replay.” 

This update is designed to ensure that sensitive material shared on the platform remains secure and unrecorded. The platform will also prevent users who exhibit suspicious behaviour from viewing others’ follower lists, preventing them from using such information to manipulate or intimidate their targets.

For additional protection, Instagram is globally launching its nudity protection feature, which blurs images flagged as inappropriate before they can be viewed in direct messages. 

This feature, enabled by default for users under 18, aims to protect teenagers from receiving unsolicited explicit content. The social network has also partnered with mental health services such as Crisis Text Line in the US to offer real-time support for users who report issues like sextortion or child exploitation.

Instagram’s focus on curbing sextortion is not limited to user education and in-app safety features. The platform is also standing against organised sextortion rings, removing thousands of accounts linked to groups involved in these criminal activities. 

As we observe Cybersecurity Month, it’s a timely reminder of the importance of staying vigilant and protecting yourself from these schemes.

Here are some steps to help you avoid falling victim to fake service scams, and what to do if you’ve already been scammed.

Exercise Caution with Unsolicited Offers

Be particularly cautious with cold calls, emails, and messages on social media that offer services that seem too good to be true. Scammers often create a sense of urgency or present deals that are hard to resist in order to lure their victims.

Verify Contact Information

Always take the time to verify the contact details of sellers or service providers you’re considering. Be it through emails or social media groups, look closely for subtle differences in spelling or unusual domain names that scammers might use to impersonate legitimate companies. Authentic businesses will always have verified contact information.

Cybersecurity Month: How to Identify Fake Service Crypto Scams

Stay Educated and Informed

Knowledge is your best defence. Stay informed about the latest scams and how they operate. Understanding common tactics used by scammers can help you spot potential fraud before it’s too late. Regularly updating yourself on cybersecurity practices will go a long way in protecting your personal information and assets.

What to Do If You’ve Been Scammed

If you find yourself a victim of a fake service scam, act quickly:

1. Report the incident: Immediately notify relevant local authorities and the platform or messaging service where the scam occurred.
2. Provide details: Share all relevant information, including the scammer’s profile name, email, or phone number. This will help prevent others from falling victim to the same scam.
3. Protect your accounts: Change your passwords and monitor your accounts for any suspicious activity.

Sophos, a global leader in innovating and delivering cybersecurity as a service, today released details of two expansive, still operational, pig butchering or sha zhu pan rings (elaborate and lengthy financial fraud scams that can cost victims thousands of dollars) that scammers are operating from Asia.

One of the rings, based in Hong Kong, involves a fake gold trading marketplace, while the other, based in Cambodia and with ties to Chinese organized crime, netted the scammers $500,000 in cryptocurrency in just one month.

In both schemes, the scammers targeted Sophos’ principal threat researcher, Sean Gallagher, directly via Twitter and text message, respectively, rather than dating apps, the traditional method used to find and target victims. Part one of a two-part series, “Fool’s Gold: Dissecting a Fake Gold Market Pig Butchering Scam,” released today, focuses on the inner workings of the ring based out of Hong Kong, which demonstrates how these scammers are upping their technical sophistication to lure in and con targets.

ALSO READ: Sophos Uncovers Fake Apps on Apple’s App Store Used by Cybercriminals for CryptoRom Schemes

“For two years, we’ve been following and reporting on a subset of these pig butchering schemes called CryptoRom. This is a particular flavor of pig butchering that relies on romance-based lures with scammers approaching potential victims on dating apps and then asking them to invest in fraudulent crypto trading apps. But CryptoRom is really just the tip of the iceberg. Since the start of the pandemic, this type of cyberfraud has massively expanded. These scammers are now targeting people on all major social media platforms or even direct message, and they’re not limiting themselves to just exploiting crypto but also gold and other forms of currency or trading value. They’re quite literally going after the whole hog,” said Sean Gallagher, principal threat researcher, Sophos.

In the first scam Gallagher investigated, he spent three months interacting with one of the scammers after they approached him directly on Twitter.

The scammer posed as a 40-year-old woman from Hong Kong who quickly attempted to move the conversation to WhatsApp.

From there, the scammer tried to convince Gallagher to invest in a fake gold trading marketplace, touting her connections with her “Uncle Martin”—supposedly a former Goldman Sachs analyst.

She then directed him to a site that copied the branding of a legitimate Japanese banking company called Mebuki Financial, where the foreign exchange and commodity trading services were to be conducted.

While the social engineering of this scam was less polished than other cases Sophos has investigated, it showed a marked increase in technical sophistication for these types of groups.

The scammers used an elaborate combination of highly effective SEO, polished scam pages to “register” new clients on their fake Mebuki website, and a pirated version of a legitimate trading app (MetaTrader 4) with additional malicious code to steal money from their victims. They are also actively updating their operation’s scam infrastructure to avoid being shut down.

“Both scam rings are still operational and will be difficult to shut down. While we marked the domains and IP addresses being used by the attackers in the Hong Kong ring as malicious, their scam operations have already shifted to new domains. They already have a new download infrastructure in place for their pirated version of the MetaTrader app, so, at this point, we’re essentially playing ‘whack-a-mole’.

“Unfortunately, that’s the reality as these operations become broader in scope, targeting more regions and across different platforms. The move from crypto to gold also shows how easily these groups can find a new niche to exploit. That means the best defense is public awareness of these types of scams. People should be wary of any SMS, dating app, or social media direct message from a stranger who strikes up a conversation and then suggests moving it to WhatsApp or Telegram—especially if they make claims about wealth obtained from crypto or other trading,” said Gallagher.

You can learn more about the criminals behind this fake gold trading ring in “Fool’s Gold: Dissecting a Fake Gold Market Pig Butchering Scam” on Sophos.com.