Beware Scams in Your Google Alerts
Bogus links can find their way into the Web search results that Google delivers to your inbox.
Google Alerts are designed to keep you up-to-date on the latest online chatter surrounding your chosen areas of interest. It's simple to sign up, pick any topic and receive alerts by email as Google finds relevant new results. But hidden dangers can lurk in the links that land in your inbox on a weekly, daily or even real-time basis.
Always evolving scammers are succeeding in getting their links to show up in Google Alerts results seemingly by inserting popular keywords in the titles and pages of their fraudulent sites. So a Google Alerts user who wants to see, say, anything new on the Web related to "Kiplinger" might receive, in addition to legitimate links to Kiplinger.com and to news about Kiplinger, links to spammy or even malicious sites that are making surreptitious use of the name to attract potential victims. Google, which didn't respond to a request for comment, certainly strives to identify and block bogus sites, but there's evidence that some scammers are getting around its defenses.
Spam disguised in this manner is a new trick, says Gary Davis, chief consumer security evangelist at McAfee. “This is the first I’ve heard of it,” he says. Davis examined some of the suspicious links we discovered in Google Alerts and determined that they led to potentially harmful malware that could infect a computer "instantaneously."
One popular scam making the rounds is a “Blue Screen of Death” popup window that tells a PC user that their machine has been hacked – and to call a certain phone number for "tech support." According to Web security site MalwareBytes.org, which maintains a rolling blacklist of rogue Web sites and companies offering phony tech support, calling the number only worsens the problem. Beyond shaking you down for repair money, the “technician” on the other end of the line may use the opportunity to load your computer with spyware to steal valuable personal and financial information. (See How to Recover from a Tech Support Scam for more.)
What can you do to protect yourself from deceptive links in Google Alerts? For starters, before you click a link in the email, hover over it with your cursor to see if the Web address points to a legitimate site. If the Google Alerts result purports to be a news story from CNN, but the URL has no connection to CNN, then it's very likely a scam. Also, be sure to report the issue. Go to Google.com/alerts, scroll to the bottom of the page and click on "feedback" to file a complaint. You can report the alleged spammer to the Federal Trade Commission too.
If you want to reduce the chances of spam showing up in your Google Alerts, Davis suggests narrowing your search parameters. Let's say you're an investor who is interested in the latest news about dividend stocks. When you first set up your alert, put "dividend stocks" in quotes to indicate that you're only interested in returning results in which the terms appear together. You can limit the sources of your results to "news" and "blogs," which would exclude broader "web" results. Also, set your Google Alerts to "Only the best results" as opposed to "All results." Finally, unless you're specifically looking for results from sites outside the U.S., limit the region to "United States." The shady links we found in Google Alerts pointed to sites in Germany and France, as indicated by the ".de" and ".fr" URL suffixes, rather than the familiar ".com" suffix.