Protect against fraud, phishing & spoofing
If you live in the US and have a US address associated with your Wallet, Google Wallet Fraud Protection covers 100% of all verified unauthorized transactions. Your Wallet's information is safely stored on secure servers in a secure location, monitored 24/7 for fraudulent or unauthorized activity by our security team.
If you think there’s been fraud or unauthorized activity on your Wallet, contact us to report it within 120 days of the transaction date. We may also ask you for more information to determine if a transaction is covered.
Unauthorized transactions on other Google products
If you think there’s been fraud with other Google products (like Google Play, Google Drive, or YouTube), visit their help centers for more information.
Identify fraudulent Wallet messages
"Phishing" and "spoofing" are fraudulent attempts to access your personal information.
- Phishing is when someone pretending to be someone else asks you for personal information.
- Spoofing is when someone fakes the identity of the email sender so it looks more trustworthy.
If you get a suspicious email, don’t respond with the information it asks for. If the message claims to be from Google, report the email.
How to tell if an email is suspicious
Check what information it asks for.
If the email asks for any of the below information, it’s most likely fake.
- Usernames and passwords
- Social Security numbers
- Bank account numbers
- PINs (Personal Identification Numbers)
- Full credit card numbers
Note: Real messages from Google might ask you to click a link to verify your email address. We won't ask you for any information until you've signed in to your Google Account. If we can't verify your Google Wallet information, you might get an email from email@example.com or firstname.lastname@example.org asking you to sign in and send documents that verify your billing details.
Find the real sender of the email.
- In Gmail, click the drop-down next to the "Reply" button and click Show original.
- Make sure the "From" address and the "Reply-to" address match.
- Check that the address on the "Message-id" also matches the "From" address domain.
- If you don't use Gmail, ask your email host for details on how to verify a sender.