Google Subpoena Email Scam: How It Works
Watch out for a fake Google subpoena email scam that’s been going around the Internet these days. What does it look like? It comes as an email featuring a subpoena notice from Google, claiming that you’ve been accessing wrong links on the web. Let’s see how the scam works.
The email states that you are “ordered to the law court”. You can see a screenshot of the bogus Google subpoena email below.
The message urges you to prepare all the necessary documents for the court appearance. The list of documents, supposedly contained in an attached file, is nothing but a compromised zip folder that installs malware on your device. There is also a link that supposedly provides additional details. This malicious link leads to a Google Drive listing where you can access the content (don’t!).
The scammer pretends to give you 14 days to get ready, otherwise “the court will take place without you”. The grammar mistakes should be enough to see this Google subpoena as a red flag.
So what happens if you open the folder with the fake documents? Like another subpoena-related scam that made the rounds in November 2019, this one installs malware on computers.
How Bad Can The Email Be?
The malicious folder and the email link both start a redirect chain that takes you to a macro-laden Microsoft Word file. The macro then uses PowerShell to download the malware, which is a sample of the virus.
The malware from the Google Subpoena email scam infects the endpoint and exfiltrates your personal info. It primarily targets network configurations, browser information, cryptocurrency wallets, VPN and FTP logins, emails, and gaming credentials. Last, but not least, it takes screenshots of your compromised device.
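For defenders, the Word macro launching PowerShell described above is visible in process-creation logs as an Office program starting a PowerShell child. The following is an added example, not part of the original article; the field names follow Sysmon process-creation events, while the JSON layout, host names, watch lists and sample events are constructed assumptions.

```python
import json
import ntpath

# Office programs that can run a document macro (assumed watch list).
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe"}
# Script hosts to watch for as children; the article names PowerShell.
SCRIPT_CHILDREN = {"powershell.exe", "pwsh.exe"}
# Command-line fragments that suggest a download or a hidden/encoded run.
SUSPICIOUS_ARGS = ("downloadstring", "downloadfile", "invoke-webrequest",
                   "-enc", "-w hidden", "-windowstyle hidden")

# Constructed sample events (not from a real incident), one JSON object per line.
SAMPLE_EVENTS = r"""
{"host": "pc-01", "ParentImage": "C:\\Windows\\explorer.exe", "Image": "C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE", "CommandLine": "WINWORD.EXE /n report.docx"}
{"host": "pc-02", "ParentImage": "C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE", "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", "CommandLine": "powershell.exe -WindowStyle Hidden -enc CONSTRUCTED_PLACEHOLDER"}
{"host": "pc-03", "ParentImage": "C:\\Windows\\explorer.exe", "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", "CommandLine": "powershell.exe Get-ChildItem"}
{"host": "pc-01", "ParentImage": "C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE", "Image": "C:\\Windows\\splwow64.exe", "CommandLine": "splwow64.exe 8192"}
"""

def basename(path):
    # ntpath splits Windows paths correctly on any operating system.
    return ntpath.basename(path).lower()

def find_macro_spawns(lines):
    """Return one alert per event where an Office program starts PowerShell."""
    alerts = []
    for line in lines.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip damaged log lines instead of aborting the scan
        parent = basename(event.get("ParentImage", ""))
        child = basename(event.get("Image", ""))
        if parent in OFFICE_PARENTS and child in SCRIPT_CHILDREN:
            cmd = event.get("CommandLine", "").lower()
            hits = [a for a in SUSPICIOUS_ARGS if a in cmd]
            alerts.append({"host": event.get("host"), "parent": parent,
                           "child": child, "suspicious_args": hits})
    return alerts

if __name__ == "__main__":
    for alert in find_macro_spawns(SAMPLE_EVENTS):
        print(alert)
```

Only the pc-02 event is flagged: PowerShell started from Explorer and Word starting its print helper are both left alone, which keeps the rule quiet on ordinary use.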
Subpoena Notice From Google: How To Avoid
There is no such thing as a subpoena notice from Google. Delete the email (and, if you wish, report it; see below) and focus on your daily routine. This bogus Google Subpoena is more dangerous than the regular email scams or phishing scams, so beware.
Your personal information can only be stolen if the infection chain is successful. What does that mean? The goal is to get the victims to click on the link and then download the “documents”, which contain the macros. Essentially, as mentioned, by downloading the file you enable these macros, which lets the malware access whatever it wants. Stay away.
Google Subpoena: How To Report a Scammer
Let your family and friends know about this scam by sharing this article on social media. You can also officially report scammers and any other suspicious activity to the Federal Trade Commission.