AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud

The rise of generative AI has lowered the barrier for creating large volumes of low‑quality content, and threat actors are quickly adapting those tools for malicious purposes. By feeding AI‑crafted headlines and articles into Google Discover’s algorithmic feed, the Pushpaganda campaign masquerades as legitimate news, luring users into a click‑through funnel that ends with a request to enable browser push notifications. Once granted, the notifications deliver alarming, fake‑legal messages that direct victims to scareware pages, where each click generates ad impressions and revenue for the operators.

Pushpaganda’s technical playbook blends classic search‑engine poisoning with modern push‑notification abuse. The actors first secure a network of over a hundred domains, populate them with AI‑generated, keyword‑rich articles, and use SEO tactics to rank in Discover’s personalized streams. When a user taps an article, JavaScript prompts the browser to subscribe to push alerts; the subsequent notifications act as a social‑engineering vector, creating a sense of urgency that compels users to follow malicious links. The scheme’s scale—240 million bid requests in seven days—demonstrates how automated content can generate real ad revenue while evading traditional spam filters.

For the broader digital advertising ecosystem, Pushpaganda is a warning sign. Advertisers risk paying for impressions that never reach genuine users, while platforms must enhance detection of AI‑generated, low‑value content that exploits discovery surfaces. Google’s rapid rollout of a fix underscores the need for continuous algorithmic updates and stricter enforcement of AI‑content policies. Security teams should monitor push‑notification requests and incorporate threat‑intel feeds that flag emerging abuse patterns, ensuring that the monetization layer behind such campaigns—like the previously identified Low5 network—cannot be repurposed unchecked. The episode highlights that as AI tools evolve, so too must the defenses protecting users and the ad supply chain.