Google says scammers are impersonating authorities and pressuring victims to pay “legal fees.” The tactics often combine urgency with credential-harvesting attempts to complete account takeovers.

In its latest fraud and scams advisory, Google notes that impersonation-style fraud remains a major driver of losses for U.S. victims. The advisory describes scammers adopting the identity of perceived officials or institutions, using the posture of enforcement or legal action to create immediate pressure. By framing the situation as urgent—such as an alleged case requiring payment—scammers can reduce a victim’s willingness to verify details through official channels. Google also emphasizes that these impersonation schemes are not limited to payment demands. They commonly include steps that ask victims to provide credentials or to follow instructions that lead to account compromise. The goal is often to transition from the initial manipulation into identity theft or account takeover, leveraging stolen email or other login information to conduct further fraud. A recurring pattern described in the advisory is adversaries using social engineering to make interaction feel legitimate: victims may be routed through convincing forms, messaging, or landing pages that mimic real processes. Google highlights that such scams evolve, meaning even familiar “authority” scripts can be refreshed with new lures and delivery mechanisms. The advisory’s risk framing for consumers is straightforward: if a request for payment or credential sharing is tied to an impersonation claim and urgency, it should be treated as a likely scam.