AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud

Staff Editor 2026-04-14
AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud

AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud

https://thehackernews.com/2026/04/ai-driven-pushpaganda-scam-exploits.html

Publish Date: 2026-04-14 10:30:00

Source Domain: thehackernews.com

Cybersecurity researchers have unmasked a novel ad fraud scheme that has been found to leverage search engine poisoning (SEO) techniques and artificial intelligence (AI)-generated content to push deceptive news stories into Google’s Discover feed and trick users into enabling persistent browser notifications that lead to scareware and financial scams.

The campaign, which has been found to target the personalized content feeds of Android and Chrome users, has been codenamed Pushpaganda by HUMAN’s Satori Threat Intelligence and Research Team.

“This operation, named for push notifications central to the scheme, generates invalid organic traffic from real mobile devices by tricking users into subscribing to enabling notifications that presented alarming messages,” researchers Louisa Abel, Vikas Parthasarathy, João Santos, and Adam Sell said in a report shared with The Hacker News.

At its peak, about 240 million bid requests have been associated with 113 domains linked to the campaign over a seven-day period. The threat, although observed targeting India, has since expanded to other regions like the U.S., Australia, Canada, South Africa, and the U.K.

The findings demonstrate how threat actors abuse AI to hijack trusted discovery surfaces and turn them into delivery vehicles for scareware, deepfakes, and financial fraud, Gavin Reid, chief information security officer at HUMAN, said. Google has since rolled out a fix to address the spam issue.

The entire scheme hinges on the scammers luring unsuspecting users through Google Discover to trick them into visiting misleading news stories filled with AI-generated content. Once a user lands on one of the actor-controlled domains, they are coerced into enabling push notifications that deliver fake legal threats and scams.

Specifically, the scareware notifications, once clicked, redirect users to additional sites operated by the threat actors, generating organic traffic to ads embedded in those sites and…

Source

More Stories

Accelerating cloud-powered cybersecurity learning with IBM Cyber Campus and AWS

Accelerating cloud-powered cybersecurity learning with IBM Cyber Campus and AWS

Staff Editor 2026-06-07
DentaQuest Breach: ShinyHunters Publish Data Impacting 2.6M People

DentaQuest Breach: ShinyHunters Publish Data Impacting 2.6M People

Staff Editor 2026-06-07
Security Affairs newsletter Round 580 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 580 by Pierluigi Paganini – INTERNATIONAL EDITION

Staff Editor 2026-06-07

Terms and Conditions - Privacy Policy