Threat Actors Abuse Google Group to send Fake order Notifications

Threat actors continue to evolve their spam tactics by utilizing legitimate  Google Groups to send Fake order messages to target multiple users. 

Fake order scams work by notifying victims about the purchase status or confirmation that originally was not placed by the recipient.

They are motivated to steal the victim’s personal credentials – name, address, credit, or banking information, or trick the victim into installing malware on their computer.

Trustwave SpiderLabs has identified a notable surge in these Geek Squad scam email activities delivered via Google Groups.

The new variant of the fake order scam sent to the users to notify them about the victim has been added to the Google group.

Fake Google Notifications Warning

Above is a sample of a scam message sent to the user to join the client support geek squad, and by clicking view, this group will redirect to a fake discussion group.



Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

Later, threat actors can automatically add email addresses, even non-Gmail accounts, into a group and start spamming users. 

Fake Email

The spam email notified the users about the renewal of their membership in Geek Squad and the amount for the renewal. The customer ID was mentioned to make it legitimate.

It also leaves the customer care number to contact the support team to avoid charging the amount if they do not wish to continue.

If the victims contact the customer care number mentioned in the email, it will connect with spammers, and they are asked to update the online form.

They then instruct the victims to access a website where an application can be downloaded to access the victim’s machine remotely. 

Once the scammer has remote access, they pretend to process the refund while secretly browsing their files and accessing sensitive information such as personal documents, banking details, and passwords.

These deceptive schemes cause financial harm to victims and lead to breaches of their personal data.

Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, Twitter, and Facebook.

Leave a Reply

Your email address will not be published. Required fields are marked *