Britec News

AI Push Notification Scam Hits Google Discover

AI-Driven “Pushpaganda” Scam Hijacks Google Discover

What is it?

A new ad fraud campaign called Pushpaganda is using AI-generated content and SEO manipulation to slip fake news stories into Google Discover.

Users—primarily on Android and Chrome—are lured into clicking these stories. Once on the page, they’re prompted to enable browser notifications.

That’s the trap.

After opting in, users begin receiving alarming push notifications (legal threats, security warnings, urgent alerts) that redirect to scam sites, scareware, and ad-heavy pages designed to generate fraudulent revenue.

At peak activity:

  • 240 million ad bid requests in just 7 days
  • 100+ malicious domains involved
  • Global reach, including Canada

Why should you care?

This isn’t just another pop-up scam.

It’s a shift in how attacks are delivered.

Threat actors are now:

  • Using AI to generate convincing, scalable fake content
  • Abusing trusted platforms like Google Discover
  • Turning real users and real devices into ad fraud engines

The dangerous part?
There’s no malware required upfront.

All it takes is:

  1. Clicking a “legitimate-looking” article
  2. Allowing notifications

From there, attackers:

  • Push fake security alerts
  • Redirect users to scam or phishing sites
  • Monetize clicks through ad fraud

This blends social engineering + AI + ad tech abuse into something far more effective than traditional attacks.

What can you do?

Keep it simple and practical:

1. Be cautious with notification prompts
If a site asks you to “Allow notifications to continue,” don’t. Legitimate news sites don’t gate content like this.

2. Audit browser permissions
Regularly check and remove suspicious notification permissions in Chrome or Android settings.

3. Train your team
Users need to recognize:

  • Fake urgency (“Your device is infected”)
  • Legal scare tactics
  • “Breaking news” from unknown sources

4. Use layered protection
Endpoint detection, DNS filtering, and browser security controls help block these redirects before they escalate.

5. Stay updated
Even though Google has pushed fixes, campaigns like this evolve quickly.

The Bigger Picture

This campaign shows how fast threats are accelerating.

AI isn’t just improving productivity—it’s:

  • Scaling scams
  • Increasing believability
  • Shortening attack timelines

What used to take weeks to build now takes minutes.

Britec Helps

You don’t need to chase every new threat—but you do need systems that adapt.

Britec helps by:

  • Monitoring emerging threats in real time
  • Locking down endpoints and browsers
  • Training your team to spot what tools can’t

No noise. No panic. Just protection that works.

‹ Back to Britec News