Back in January, Google simplified its payment offering by merging Android Pay and Google Wallet into Google Pay. The new appellation made it simpler for users to manage their payments, thanks to a unified platform allowing them to pay with their phone, but also online using their browser. Despite this move, the defunct service seems to be coming back to life, in a rather intriguing manner. Indeed, several users have reported receiving notifications mentioning Google Wallet was granted access to their Google account.
It's unclear where these notifications are coming from, but they indicate the app is from an unidentified developer and the permission was granted using an unrecognized device with an unknown location. They also mention the app has access to Google Payments, which hints this could be a scam trying to access people's payment details.
Google has confirmed it's aware of the issue and investigating it, without providing further details. In the meantime, we strongly recommend revoking this fake Google Wallet's permissions from your account, changing your password, and checking for any suspicious activity on Google, as well as with your financial institutions. We'll update this post when we have more information on what seems to be a large-scale phishing attempt.
- Flavio Ramos