Tech giant Google has warned users about emerging online scams that cybercriminals are increasingly using artificial intelligence and deceptive software to target consumers. Published on November 6, the update outlines several faster-growing threats, such as malicious VPN apps, emerging as a dangerous trend. Google’s latest findings reveal that attackers are weaponising trusted tools, exploiting AI hype, and launching aggressive social-engineering campaigns to compromise both individuals and businesses.
One of the most alarming developments highlighted is the rise of malicious VPN applications. According to the latest report from Google, hackers are disguising harmful software as trusted virtual private network (VPN) tools to infiltrate user devices. These affected apps are frequently imitating popular VPN brands or using aggressive social-engineering tactics — including sexually suggestive ads or fear-based messaging linked to geopolitical events — to deceive users into installing them. After installation, these rogue VPN apps can deploy a variety of threats such as information-stealers, remote-access trojans, and banking malware. Google warns that cybercriminals may even gain access to browsing history and sensitive login credentials.
To combat fake VPN applications, Google says Android and Google Play are increasingly relying on machine-learning systems to detect suspicious behaviour. The company also encourages users to enable Google Play Protect, noting that its enhanced fraud-protection pilot can automatically block installations of high-risk apps, especially those sideloaded through browsers, chat apps, or file managers.
The report also points to a rapid increase in online job scams. Google notes that criminal groups are generating convincing replicas of recruitment portals, creating fake government job postings, and building fraudulent recruiter profiles. Victims are often pressured to pay upfront fees or share sensitive documents, while some are tricked into downloading malicious “interview software” that infects devices and corporate systems. Google stated that its Misrepresentation policy prohibits such deceptive ads and highlighted the role of Gmail phishing detection, Messages Scam Detection, and 2-Step Verification in protecting job seekers.
Businesses, too, are experiencing new forms of extortion. Review-bombing campaigns have emerged as a tactic where attackers flood business listings with fake one-star ratings and then demand payment to stop further damage. Google Maps is rolling out updated reporting tools to help merchants flag these extortion attempts more effectively.
The surge in AI product impersonation scams is another trend gaining traction. With interest in AI tools soaring, criminals are mimicking well-known services to push harmful apps, “fleeceware” subscriptions, and credential-stealing browser add-ons. Fake “free access” offers are commonly promoted through hijacked social accounts, cloaked ads, and malicious repositories. Google said its Play Store and Chrome Web Store enforcement teams continue to remove apps that mimic legitimate AI products, while Safe Browsing’s AI-powered protections warn users about dangerous downloads in real time.
Fraud recovery scams — where previous victims are approached again by criminals posing as investigators or legal authorities — are also increasing. These schemes often rely on polished websites and AI-generated documents to appear credible. According to Google, scam-notification features in Messages and the Phone app help alert users before interactions become risky.
With Black Friday and Cyber Monday nearing, Google expects holiday-related scams to surge, including fake stores, misleading discount ads, and phishing messages disguised as delivery notifications. As part of its seasonal protections, the company has introduced new safeguards for Pixel 9 users who enable Enhanced Protection in Chrome, using on-device Gemini models to detect threats faster and more accurately.
