Avoid & report phishing attacks

A phishing attack happens when someone tries to trick you into sharing personal information online.

How phishing works

Phishing is typically done through email, ads, or by sites that look similar to sites you already use. For example, you might get an email that looks like it’s from your bank asking you to confirm your bank account number.

Information phishing sites may ask for

  • Usernames and passwords
  • Social Security numbers
  • Bank account numbers
  • PINs (Personal Identification Numbers)
  • Credit card numbers
  • Your mother’s maiden name
  • Your birthday

Report phishing sites

Report phishing sites you found through Google Search

If you think you found a phishing site, reporting the phishing page.

Report sites that use the Google trademark

If you think a site is using the Google trademark or logo inappropriately, report the trademark violation. For example, you might find a non-Google site with a Google or Gmail logo on the page.

Report a phishing site that showed up in your Google Search ads

If a phishing site showed up as a sponsored link on your search results page, report the site by contacting AdWords.

Report a site or email address that pretended to be Google File a government complaint against a phishing site

Avoid phishing attacks

Be careful anytime you receive a message from a site asking for personal information. If you get this type of message, don’t provide the information requested without confirming that the site is legitimate. If possible, open the site in another window instead of clicking the link in your email.

Google will never send unsolicited messages asking for your password or other personal information.

More ways to protect yourself from phishing

page author courtney

Courtney is a Search expert and author of this help page. Leave her feedback below about the page.

Was this article helpful?
Yes
No