Pushpaganda: AI-Powered Ad Fraud Campaign Exploits Google Discover Feed
Cybersecurity researchers have uncovered a sophisticated ad fraud scheme dubbed **Pushpaganda**, leveraging AI-generated content and SEO poisoning to manipulate the **Google** Discover feed. The campaign tricks users into enabling malicious browser notifications, leading to scareware and financial scams.

### AI-Driven Deception Targets Mobile Users
The **Pushpaganda** campaign, identified by **HUMAN**'s Satori Threat Intelligence and Research Team, targets the personalized content feeds of Android and Chrome users. Researchers Louisa Abel, Vikas Parthasarathy, João Santos, and Adam Sell reported that the operation generates invalid organic traffic from real mobile devices by tricking users into subscribing to notifications that present alarming messages.
At its peak, approximately 240 million bid requests were associated with 113 domains linked to the campaign over a seven-day period. Initially targeting India, the threat has expanded to regions including the U.S., Australia, Canada, South Africa, and the U.K.
Gavin Reid, chief information security officer at **HUMAN**, emphasized how threat actors are abusing AI to hijack trusted discovery surfaces and transform them into delivery vehicles for scareware, deepfakes, and financial fraud. **Google** has since implemented a fix to address the spam issue.
### How the Scam Works
The scheme hinges on luring unsuspecting users through **Google** Discover to misleading news stories filled with AI-generated content. Once a user lands on an actor-controlled domain, they are coerced into enabling push notifications that deliver fake legal threats and scams.
Clicking on the scareware notifications redirects users to additional sites operated by the threat actors. Those visits register as organic traffic to the ads embedded in the sites, which is how the operators earn illicit revenue.

### Push Notification Abuse: A Recurring Threat
This isn't the first instance of threat actors weaponizing push notifications. In September 2025, **Infoblox** highlighted **Vane Viper**, a threat actor engaging in systematic push notification abuse to serve ads and facilitate ClickFix-style social engineering campaigns.
Lindsay Kaye, vice president of threat intelligence at **HUMAN Security**, noted that malware-based threats involving push notifications, both for web and mobile platforms, are not new. Users are often quick to click on these notifications, making them an effective tool in a malware author's arsenal.
### Google's Response
A **Google** spokesperson stated that the company keeps the vast majority of spam out of Discover through robust spam-fighting systems and policies against emerging forms of low-quality, manipulative content. The spokesperson added that the company had launched a fix for the spam issue before learning of the report, and that it maintains a high bar for quality content on Discover.
**Google** has implemented robust spam policies and spam-fighting systems to tackle abusive practices that surface unoriginal, low-quality content in Search and Discover. Regular algorithmic updates are rolled out to flag policy-violating content that seeks to manipulate Search and News rankings.
According to **Google**'s guidance, any use of AI to generate content primarily to manipulate search rankings is against its spam policies. This includes scaled content abuse, such as using generative AI tools to produce pages that offer no value, scraping feeds, and creating multiple sites to hide the scaled nature of the content.
### Ad Fraud Laundering Marketplaces
This disclosure follows **HUMAN**'s recent identification of over 3,000 domains and 63 Android apps constituting one of the largest ad fraud laundering marketplaces ever uncovered. This operation, dubbed Low5, monetizes domains as cashout sites for sophisticated fraud schemes, including **BADBOX 2.0**.
The operation peaked at roughly 2 billion bid requests a day and may have operated on as many as 40 million devices worldwide. Apps associated with Low5 include code that instructs user devices to visit domains connected with the scheme and click on ads.
Cashout sites, also called ghost sites, are used to conduct content-driven fraud, using bogus sites and apps to sell space to advertisers who assume their ads will be viewed by humans. The Android apps in question have been removed from the **Google Play Store**.
**HUMAN** emphasizes that a shared monetization layer spanning thousands of domains allows multiple threat actors to plug into the same infrastructure, creating a distributed laundering system. This increases threat resilience, complicates attribution, and enables rapid replication.
Even after a specific fraud campaign is shut down, the monetization infrastructure can survive. If one malicious app or device network is removed, the same cashout domains can be reused by other actors. Low5 reinforces the need for continuous, aggressive threat intelligence and detection expertise to hunt down cashout domains and flag them pre-bid.
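
As an illustration of flagging cashout domains pre-bid, the following added example (not code from HUMAN or from the original article) checks a bid request against a domain and app blocklist. It assumes bid requests arrive as OpenRTB 2.x JSON with `site.domain`, `site.page`, `site.ref`, `app.domain` and `app.bundle` fields; the blocklist entries and function names are constructed placeholders.

```python
from urllib.parse import urlsplit

# Constructed placeholder intelligence; real entries come from a threat-intel feed.
CASHOUT_DOMAINS = {"cashout-news.example", "ghost-site.test"}
FLAGGED_BUNDLES = {"com.example.flaggedapp"}


def _host(value):
    """Return a lowercase hostname from a bare domain or a full URL, else None."""
    if not isinstance(value, str) or not value.strip():
        return None
    value = value.strip().lower()
    try:
        # urlsplit only fills .hostname when '//' precedes the authority part.
        host = urlsplit(value if "//" in value else "//" + value).hostname
    except ValueError:  # malformed authority, e.g. an unbalanced '['
        return None
    return host.rstrip(".") if host else None


def _listed_parent(host, blocklist):
    """Match the host or any parent domain on label boundaries (never a bare TLD)."""
    labels = host.split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in blocklist:
            return candidate
    return None


def flag_bid_request(req, domains=CASHOUT_DOMAINS, bundles=FLAGGED_BUNDLES):
    """Return a list of (field, matched_entry) reasons; an empty list means no match."""
    reasons = []
    site = req.get("site") or {}
    app = req.get("app") or {}
    fields = [("site.domain", site.get("domain")), ("site.page", site.get("page")),
              ("site.ref", site.get("ref")), ("app.domain", app.get("domain"))]
    for name, raw in fields:
        host = _host(raw)
        hit = _listed_parent(host, domains) if host else None
        if hit:
            reasons.append((name, hit))
    bundle = app.get("bundle")
    if isinstance(bundle, str) and bundle.strip().lower() in bundles:
        reasons.append(("app.bundle", bundle.strip().lower()))
    return reasons
```

Matching on label boundaries means a subdomain of a listed cashout domain is flagged, while a lookalike such as `notcashout-news.example` is not treated as a hit.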