Stay clear of scams abusing the Google Brand

If the recent financial crisis wouldn’t make people’s life hard enough, some websites, firms and individuals try to use well known brands such as Google to empty the unaware users’ pockets even more or to simply steal their identity. Google is one of the most trusted brands in the World and scammers exploit this trust.
You won $1 Million US Dollars from Google, You’ve been selected to work for Google, Make money fast with Google. Sounds too good to be true? It is.

Before you fall victim of any phishing attempt and scam, please do check the following documents provided by Google or Federal Agencies like the Federal Trade Commission (FTC, http://www.ftc.gov) and the Internet Crime Complaint Center (IC3, http://www.ic3.gov):

Google’s help document about detecting scams and phishing attempts: http://www.google.com/support/websearch/bin/answer.py?hl=en&answer=9110
Google’s blog post about scams: http://googleblog.blogspot.com/2009/07/how-to-steer-clear-of-money-scams.html
Gather more knowledge about phishing attempts circulating in form of email in This Gmail help entry:http://mail.google.com/support/bin/answer.py?hl=en&answer=8253
FTC report about scams, including those which are using the Google trade mark: http://www.ftc.gov/opa/2009/07/shortchange.shtm
IC3 document related to scams and phishing attempts on the Internet: http://www.ic3.gov/preventiontips.aspx

Websites promising easy way to get rich, using Google
Hundreds of websites are offering easy jobs like posting links on Google which can make you rich, or they are selling e-books which can teach you how to get rich using affiliate marketing and Google. The only thing you have to do is to pay a minimal fee, usually less than a couple of US Dollars, representing the shipping costs of a book, sign-up fee or a set of CDs.
There are several things on these websites which are suspicious:
If you look at the bottom of these websites’s pages you will see a short, small-font disclaimer which states the website is “in no way affiliated with Google”
These websites usually looks fishy on the first sight. The pages are extremely long, make use of huge fonts, convincing graphics, repeating the same thing dozens of times and they always put accent on how much you can earn
Sometimes there are testimonials, each of them stating that the program you found is extremely profitable.

When you pay for these services or items, your debit or credit card will be debited with the minimal sum they listed on the website. Usually the next month you will be billed with much more, in many cases amounts exceeding $100. The next month again, then again until you succeed to cancel the account or the card you payed with.

As per the FTC’s reports, thousands of users fell victim of these types of scams. You don’t have to be the next.

Work for Google scams
Do you dream about working for Google? Most of us do and phishing attacks often exploits this dream.
“You’ve been selected by our HR Team to work in Mountain View, CA in the Googleplex”. This message continues with asking you to submit your personal details like address, SSN and other data.
Detecting the legitimacy of these emails is rather easy, in fact in two steps you can check whether the message is legit or not:
Go to Google –Jobs and do a search on the job the email described. If the job doesn’t even exists, you know that the email is a phishing message
Have a look on the email headers. The “From”, “Return-path” and if exists, the “Reply-to” headers’ values should be the same and always end with “@google.com”. If even one differs or the email comes from a domain other than google.com, the message is not legit

E-mails telling you are rich, thanks to Google
“Your email address has been selected by the Google Award Team and you’re the winner of the great prize.”
These are phishing messages meant to steal your personally identifiable information like your name, SSN, home address.
Google lists all its awards, programs, promotions and give-aways on the Official Google Blog. Go there and do a search on the award the email describes. If you don’t find it, the message is not legit.
If you received suspicious emails through your Gmail email address, please report it as soon as possible.

How to avoid these scams and phishing attempts
There are simple ways to detect whether an email or website is legit. None of the below listed things takes more than a few seconds to check and can decrease the chance of falling victim of these scams:
Forget the dream of getting rich in no time. If it would exist, the internet users would be rich already
Do a WHOIS search on the suspicious domain name. If the registrant is not Google Inc., the website is not Google’s.
Do a search on “[award name] scam” or “[brand] scam” on Google. If you find the website or award you’ve been told about amongst the results, you know it’s very likely to be a scam
Google employees don’t send you emails from Gmail addresses. All the legit emails are coming from a google.com email address
Learning what the email headers contain can do pretty good job in the detection of the legitimacy of emails. If “From”, “Return-path” and if exists, the “Reply-to” headers’ values does not match, it’s likely that the message is not legit