How do spammers attack Google services?

Google is a search engine and provides many integrated services, but scammers have taken advantage of Google’s convenience to send spam or make dangerous cyber attacks.


The goal of spammers is to send e-mail directly to the user's inbox that is not recognized by the spam filter. Google services often send messages to Gmail's inbox and the system's anti-spam module will not flag emails from Google itself. Understand this, we see how spammers can exploit Google services.

Google Calendar

Spammers have spammed through Google Calendar by using the user's location and then creating a topic to send invitations. Typically, spam includes a short text saying that the victim will receive money for some reason, along with a link to receive the money. However, it could be a fraudulent link for cybercriminals to get the victim's bank account information or request a prepayment if the victim wants to receive money. Network attackers also often use Google Calendar to create fake surveys with certain rewards. They can also use the same way to distribute spam, as well as malware.

Google Photos


Scammers use Google Photos to share photos with information about large amounts that can be received only by replying to the available email. For the recipient, it appears to be a harmless email from Google Photos with the title "Someone shared a photo with you". After the victim pays, the fraudsters simply disappear without a trace. The cybercrimes have taken advantage of the feature that allows images and content to be displayed on Google Photos notifications and the same title is so harmless that the victim will open to see the content inside.

Google Forms


Scammers can use Google Forms to create forms and polls, thereby collecting user data. The victim will fill out the form with personal information, bank card, etc. The fraudsters then send a proactive offer to profit with the exploited information. Data forms that look very convincing have made Google Forms a useful tool for scammers.

Google Drive and Google Storage


Kaspersky 's quarterly spam and phishing report constantly warn users about cybercrimes that have long used cloud storage tools to hide illegal content. Often, spam filters are difficult to determine whether the email is deceptive or not based on a single link hidden within the message with random characters. In this way, almost all content can be sent to recipients, including malware, phishing pages with data collection forms and ads that annoy users.

Google Analytics

Spam also enters other Google services, including Google Hangouts and even Google Ads and Google Analytics. For Google Ads and Google Analytics, users will receive an attached message that reports the traffic of a particular website. Analytics allows files to contain text and links, and cybercriminals have exploited this feature. They can target business users because these services are actively used by website owners.

How to avoid spam through Google and other services

In fact, Google has put a lot of effort into fighting spam and phishing. However, as Google also found, the fights against spam don’t end. This means that once Google's spam service is blocked (inevitably), cybercriminals will also find loopholes to attack other services.

It is important for users to note:

• Do not open messages from unknown senders

• Do not accept invitations from people you don't know

• Do not touch or click the link in strange messages

• Install a reliable security solution with an anti-spam module to identify spam that has not been detected by Google filter

By: Kelly Jonas

Videos | Jokes | Travel | Insurance | Technology | Food | Life | Fashion | Beauty | Entertainment