Researchers uncovered a fraud operation using AI-generated content to infiltrate Google Discover and deliver scams via browser notifications

HUMAN Security disclosed a fraud operation called Pushpaganda in which attackers used AI-generated articles optimized for Google Discover's feed to trick users into enabling browser notifications, which were then used to deliver scareware, fake arrest warrants, and financial scams, with researchers observing 240 million bid requests tied to the operation's 113 domains in a single week. The operation originated in India before spreading to the U.S., Australia, Canada, South Africa, and the U.K., and generated ad revenue through deepfake celebrity video ads and a JavaScript algorithm that cycled inactive tabs through attacker-owned pages to inflate ad loads. Google deployed a fix after HUMAN Security shared its full domain list, though researchers note that AI-generated content now passes human review, making enforcement increasingly difficult to keep pace with.