If you use your mobile phone daily for everything from paying at the supermarket to managing your online bookings, you'll be interested to know how the Google's anti-fraud AI is changing the game against digital scamsIn recent years, the Mountain View giant has gone from reacting to scams to trying to anticipate them, relying on artificial intelligence models deployed in Search, Android, and Chrome.
This strategy translates into protection layers that operate in calls, SMS, apps, notifications and web browsingThese measures are combined with new defenses against scams that also use AI, such as fraudulent search results or spam in Google Discover. Let's take a closer look at how this entire shield works, what data Google uses to claim an advantage over Apple, what risks remain, and what you can do to avoid falling into the trap.
Why Google is boasting about its anti-fraud AI on mobile devices
In recent months, Google has released internal studies and figures to support the idea that its Android phones, and especially Pixel phones, are significantly better protected against fraud than iPhones. Together with the consulting firm YouGov, they surveyed more than 5.000 people in the United States, India, and Brazil, focusing their attention on suspicious calls and messages.
According to that data, those who own a Pixel claim to receive up to 96% fewer malicious messages than iPhone usersThis gap cannot be dismissed as mere statistical noise. On average, Android users report 58% fewer fraudulent messages than iOS users, and iPhone owners are 65% more likely to have received three or more suspicious messages in a single week.
This advantage doesn't come from nowhere: Android integrates multi-layered defenses that rely on AI to analyze patterns and anomalous behaviors.We're not just talking about a spam filter: there's call monitoring, SMS analysisReal-time controls when you perform sensitive actions and constant monitoring of suspicious apps and websites.
Furthermore, the survey reflects very different perceptions. Android users are 20% more likely to rate their mobile phone's protection as very or extremely effectiveWhile iPhone users are 150% more likely to say their device is "not effective at all" against scams. With all the nuances inherent in any survey, the trend suggests that Google's approach is resonating with its users.
In Spain, the context amplifies this effect. With a Android's approximate market share is 75,6% compared to iOS's 24,1%.Three out of every four mobile phones in the country rely on Google's security infrastructure. Any improvement to its defenses directly impacts millions of people, from basic users to very intensive users.
AI to stop fraud before it reaches you
Google has been using artificial intelligence for over a decade to detect scams and block them before the user even sees the baitAccording to the company itself, its systems stop more than 10.000 billion suspicious attempts per month worldwide, ranging from basic spam to highly elaborate financial frauds.
The technical basis is the massive reading of signals: AI analyzes text, metadata, conversational patterns, and context of calls, SMS messages, and notifications. If it sees typical social engineering tactics, suspicious URLs, or requests that encourage you to bypass security measures, it can cut off the interaction or issue aggressive warnings to make you think twice.
This philosophy of "preventive" protection is reflected in very concrete things. Android is learning to prevent you from installing an app with malicious behavior, warn you if during a call someone insists that you disable security options or stop critical steps when an app tries something that doesn't fit with its normal use.
In terms of applications, the service Google Play Protect It works like an antivirus specialized in mobile apps.Examine apps before installing them from Google Play and continue monitoring them afterward to detect changes in behavior following updates—a key tactic against Trojans that "sleep" and awaken later.
When sailing, the Enhanced Safe Browsing protection in Chrome adds an extra barrier against fraudulent websites, phishing, and dangerous downloads.The latest advances incorporate AI models that run directly on the device, without uploading content to the cloud, allowing for faster identification of sites that show signs of deception, even if they are entirely new attacks.
Android vs. iOS: Where the real difference lies
Beyond the fan debate, there is a key technical aspect: where and how each company applies its anti-fraud artificial intelligenceAn analysis by Counterpoint Research indicates that Apple has concentrated much of its effort on Messages and the App Store, reinforcing SMS filtering and app review.
Google, on the other hand, has opted for a cross-cutting approach: Security AI is being deployed throughout the Android ecosystemFrom the Phone app to the notification system, including native operating system services and key components like Play Protect and Chrome, this "capillarity" allows for the detection of fraud regardless of the entry point.
In numbers, this translates to Android users receiving on average 58% fewer fraudulent messages than those who use iOSAccording to the joint Google and YouGov survey, the data for the Pixel family is even more striking, with up to 96% fewer malicious messages compared to iPhones.
Apple hasn't stood still and in recent versions of iOS has introduced new filters and controls, but The pace and depth of deployment are not identicalWhere Google has spent years refining production models, the Cupertino company is now accelerating its own bet, something positive for the user because it raises the overall bar for the industry.
Google's implicit message is clear: The longer a platform spends refining its AI models in real-world fraud scenarios, the better.The more practical advantage it accumulates, the more it gains. However, no system is foolproof, and attackers exploit any vulnerability, whether it's a new feature, human error, or a misconfigured API.
Apple's latest features and the features Android already had
An example of this career can be found in the call filter built by Apple in iOS 26This feature asks the caller to state their name or explain the reason for the call before allowing the user to answer, helping to reduce aggressive sales calls and certain attempts at telephone fraud.
Google emphasizes that This type of voice filtering and answering machine has existed for some time in the Android Phone app.Especially on Pixel phones, where call screening options require several iterations. The user can decide whether to answer, hang up, or transfer the call to an AI-powered answering machine.
The relevant thing is not so much who did it first, but that This type of functionality is now part of the standard for what a modern mobile system should offer.For the user, competition translates into more built-in defenses and less need to resort to third-party apps of dubious quality to combat spam and scams.
In practice, ideally the phone should be able to detect social engineering scripts during the call itselfrecognizing signs such as extreme urgency, requests for bank details or instructions to disable security systems, and jumping in with a clear warning before the damage becomes irreversible.
Google's accumulated experience with AI models applied to voice, natural language, and usage patterns gives it a certain advantage, but Apple is strengthening its own systems as it expands its generative AI and security capabilities throughout its ecosystem.
AI summaries in the search engine: usefulness, pitfalls, and how to protect yourself
Alongside traditional security, Google has begun rolling out security measures in its search engine. AI-generated summaries that directly answer many queriesThese are fragments that combine information from different indexed pages and present it in natural language, saving the user clicks and time.
The problem is that this comfort opens up new avenues of attack. There are, at a minimum, three sources of risk in these AI summariesThe first is the well-known "hallucinations"—invented or distorted responses that models can generate even as technology improves. The second is that the websites used as a basis may already contain errors or omissions.
The third, and most worrying, is that Cybercriminals fill the internet with fake content on websites and forums to manipulate what AI collects and displays.If forums, blogs, and websites with no history are flooded with carefully poisoned information, it's more likely that the summary you see on screen will include a malicious number or link that looks legitimate.
The case of a person who searched has already been documented how to book a luxury cruise and saw in the Google summary a fraudulent phone to complete the reservationConvinced it was the "official" number provided by the search engine, she fell straight into the scam. There have also been examples of recommendations for sites containing malware, customer service numbers that don't belong to the real company, and incorrect URLs for sensitive services.
Google maintains that its systems They detect and eliminate the vast majority of these attemptsand that the summaries are “effective in most cases.” Even so, the company itself acknowledges that it is a constant game of cat and mouse against malicious actors testing new tactics to deceive both the algorithms and the users.
How to avoid falling for scams using search engine AI
The best defense against this type of deception is to adopt a simple rule: Don't blindly trust what an AI says, no matter how integrated it is into the search engine.Consider any answer as a starting point, not as the absolute truth that closes the investigation.
This is especially important when the answer includes phone numbers, web addresses, technical support information, or instructions related to payments, investments, or downloadsIn such cases, it is advisable to exercise extreme caution and Verify each piece of information on official websites.such as your bank's website, the company's corporate page, or its verified apps.
If the AI suggests a customer service number, Don't mark it directly from thereGo to the company's official website and look for the phone number in their contact section. Do the same with URLs: check that the domain is correct, without extra letters, intentional typos, or suspicious endings.
It also helps to maintain a certain "nose" for Detect unusual details in companies, domains, and account chargesCompany names that are almost identical to real ones, web addresses with extra hyphens or very generic domains, or payments that appear with strange descriptions are all red flags worth checking before proceeding.
Ultimately, the golden rule is Always verify critical information by consulting several reputable and official sources.You can use AI feedback to guide you, but cross-reference data with reliable sources before making decisions that affect your money, personal data, or device.
How AI cleans up Search and strengthens Chrome
Beyond summaries, Google has been using AI for years to filter fraudulent results within the classic link list itselfAccording to their report “Combating Search Engine Scams”, machine learning-based systems and new classifiers have made it possible to detect up to 20 times more deceptive pages than in previous stages.
The company explains that these models They analyze enormous volumes of text and behavioral patterns on the web To locate coordinated fraud campaigns, sites impersonating official services, or pages attempting to steal credentials or payment information. The goal is that you won't even see most of the scams because they'll be left out of the initial search results.
One specific example that Google mentions is the rise of Websites that pretend to be airline customer serviceTaking advantage of the fact that many travelers seek help during stressful times, scammers set up websites with fake phone numbers and fabricated processes to obtain data or money. According to the company, recent improvements have reduced these types of scams by more than 80% within the search engine.
In the browser, the mode of Enhanced Safe Browsing protection in Chrome works like the strictest security settingCompared to the standard mode, it promises double the protection against phishing and scams, as it analyzes the websites you visit and the downloads you make in more depth.
The new feature is the integration of Gemini Nano, a language model that runs locally on the deviceThis model is able to interpret the structure and content of pages in real time and generate near-instant warnings about potentially dangerous sites, even when it comes to new campaigns that are not yet blacklisted.
Chrome, Gemini Nano and the fight against tech support scams
One of the most visible threats in recent years is... technical support scams that pretend to be system or browser alertsThey usually appear as full-screen messages saying your computer is infected, accompanied by loud sounds and a phone number you're supposed to call.
In these scenarios, Google's AI in Chrome recognizes typical patterns of deceptionThese include persistent full-screen pop-ups, unrealistic error messages, the use of audio to scare users, and requests to call unverified numbers. When the model detects this type of behavior, it can block access to the page and display a clear warning that it could be a scam.
Chrome has already started using this capability with the Enhanced Protection enabled on desktop computersFocusing specifically on remote technical support scams, where criminals try to get you to install remote control tools or share your bank keys.
Google's plan is bringing this same approach to Android and expand the catalog of covered frauds.
In addition, Chrome for Android has introduced New AI-powered warnings against misleading web notificationsWhen the model detects that a site is trying to bombard you with ads that could be spam, fake malware alerts, or links to dangerous websites, it offers shortcuts to block them or cancel your subscription before the problem escalates.
reCAPTCHA Enterprise and protection for platforms like GoFundMe
Google's anti-fraud AI doesn't stop at its own products, but also It integrates with services that use third parties such as reCAPTCHA Enterprise.An illustrative case is GoFundMe, the well-known crowdfunding platform, which has publicly explained how it complements its internal security systems with Google tools.
By combining its algorithms with the reCAPTCHA Enterprise service, GoFundMe has improved its ability to Detect fake accounts, fraudulent campaigns, and suspicious fund movementsThis strengthens donor confidence and reduces the possibility of the money ending up in the wrong hands.
This collaboration shows the extent to which Google's models can help other companies filter malicious trafficDetecting automated processes in registrations or payments and curbing massive attempts at financial fraud. All this by leveraging real-time behavioral signals and a vast historical record of abuse patterns.
For any startup or digital business, the lesson is clear: It's better to invest early in AI applied to security than to fix a reputational problem and financial losses later.Integrating proactive detection at critical product points can make the difference between an isolated incident and a serious crisis.
Scam Detection: The AI that listens to your calls to warn you
In the field of telephony, Google has introduced an advanced feature called Scam Detection, a kind of intelligent call monitor It runs directly on some Pixel models. This tool monitors what is said during the conversation in real time to detect typical signs of fraud.
Among those signs are the pressure to urgently transfer money to a “secure account”Direct requests for bank credentials or one-time codes, or instructions to disable security settings "so we can help you better," are all suspicious. If the system detects one of these patterns, it will issue visual or audible alerts to prompt you to end the call or, at the very least, to be suspicious.
What's interesting is that all this processing is done thanks to Gemini Nano running locally on the deviceAccording to Google, no audio recordings are stored or sent to the cloud, and the feature is entirely optional and reversible from the Phone app settings.
For now, Scam Detection is available English only, in the United States, and for Pixel 6 and later modelswithin a public beta. The intention is to bring it to more regions, languages, and brands—including others like Samsung—but for now, its rollout is limited.
Whether or not you have this feature, security experts repeat the same maxim: No bank will ever ask you for passwords, PINs, or verification codes over the phone.If someone rushes you, asks you to ignore security warnings, or asks you to share your screen, the wise thing to do is hang up and call the bank's official number yourself from their website or app.
A global overview of digital fraud and the role of AI
To understand the magnitude of the problem these systems face, one need only look at the latest study by Global Anti-Scam Alliance and ScamAdviserThe study surveyed nearly 50.000 people in 43 countries. According to its data, 25,5% of participants lost money in the last year due to scams or identity theft.
The total estimated losses exceed one billion dollars, with phone calls and SMS being the most common attack vectorsSpecifically, 61% of victims reported calls as the entry channel and 58% cited text messages, with types ranging from phantom purchases to investment fraud.
Looking at Latin America, the outlook is no more encouraging. In Argentina, the Specialized Cybercrime Prosecutor's Office registered 25.588 complaints. Between April 2021 and March 2022, complaints increased by 75,5% compared to the previous period. From April 2022 to March 2023, complaints rose to 35.447, another increase of 38,5%.
These figures provide context for why companies like Google, Apple, and other industry players... They are pouring so many resources into developing AI-based defensesAs connectivity increases, so does the attack surface, and manual or purely blacklist-based methods fall short.
AI allows for the analysis of large volumes of data in real time, adapting models to new fraud tactics and learning from each failed attempt, but Scammers are also using AI to automate and refine their campaigns.It's a marathon, not a sprint, and user education remains a critical link.
India as a real-time detection laboratory
One of the countries where Google is deploying its services most intensively live detection experiments in IndiaIt's a huge market with high mobile penetration and a wide range of digital literacy levels. There, they're testing features that analyze what's happening on screen in real time to deliver contextual alerts.
The system pays special attention to risky situations, such as when a user shares their screen or uses financial and messaging appsIf it detects suspicious patterns—for example, requests to show bank details or guide the user through a “secure” transfer—it can send messages reminding users of good practices and warning of potential fraud.
The underlying idea is that the AI should identify dangerous behaviors mid-process, not after the mistake has already been made.In emerging economies where highly advanced users coexist with others taking their first digital steps, this type of advertising can make all the difference.
Google insists, however, that technology alone is not enough. It is necessary to combine these functions with awareness campaigns and training in digital securityso that people can recognize the warning signs and know what to do when they suspect a scam.
If these tests work, it's reasonable to expect that similar features will eventually arrive in other countries, incorporated as standard in future versions of Android and in manufacturers' customization layers.
Lessons for startups and digital businesses: AI and security as pillars
This entire anti-fraud deployment offers several lessons applicable to any digital project, especially in fintech, e-commerce or online servicesThe first is that AI-based security cannot be an afterthought, but a pillar of the product from the beginning.
Integrate detection models at sensitive points such as the user registration, the payment process, or support channels It helps identify anomalous activities before they lead to financial losses or reputational damage. It's not just about preventing fraud, but about building trust with the user.
It is especially useful to show clear and actionable alerts when fraud patterns are detectedexplaining to the user what is happening and what they should do: block a transaction, change their password, review transactions, or contact support through a secure channel.
It is also key to establish a continuous improvement loop: Each detected incident should feed into the system so that it learns and adapts.This involves recording signals, correctly labeling fraud cases, and adjusting both business models and rules.
Finally, we must not forget the human element: train internal staff and customers themselves to recognize scams It's just as important as having good algorithms. Just as it's often said that sustainability isn't a passing fad but a structural change in how business is done, AI-powered security must be understood as a permanent commitment, not a temporary fix.
A layered approach: calls, messages, apps, browser, and content
If anything defines Google's strategy, it's the layered approach. Instead of relying on a single miracle filter, the company It includes overlapping functions: call filtering and monitoring, SMS analysis, app monitoring with Play Protect, and browsing protection with Chrome and Gemini Nano..
This means that, for example, if a fraudulent SMS manages to bypass the filters and convinces you to call a suspicious number, Detecting scams during the call can still save the situation with a timely warning. If, on the other hand, you click on a malicious link, Chrome can warn you before you send any data or download anything.
In the field of apps, Play Protect acts as a last line of defense when an application becomes malicious after an update.disabling it or warning you that something doesn't match its usual behavior. This way, no scam depends on a single point of failure.
The same approach is starting to be applied to the content you see in Search and Discover, where Anti-spam and AI systems attempt to keep misleading AI-generated articles out of the feed that masquerade as legitimate journalism. Organizations such as Reporters Without Borders have denounced that some of this content has reached millions of users.
Google claims that its systems They block the vast majority of spam and low-quality, manipulative content.Discover has stated that its policy prohibits false content and that it is working on solutions to better address these new forms of abuse. Even so, recent cases have come to light, for example in France and the UK, where fake news about business closures or changes to the retirement age went viral through Discover.
Best practices for users: your part of the deal
However advanced anti-fraud AI may be, You are always the final filterThere are a number of basic habits that drastically reduce the chances of falling for a scam, and which should be internalized just like putting on your seatbelt when getting into the car.
The first rule is Be wary of urgency and any message that tries to rush you. to make a financial decision or share data. Attackers know that if you're given time to think, alarm bells will ring; that's why they force artificial deadlines and threaten immediate blocking.
The second is Always verify information through official channels.If you receive a text message or call from your bank, politely hang up and call the number listed on their website or official app. If a website asks you to log in to a critical service, carefully review the URL before entering your username and password.
It is equally important Keep Android and all your apps up to date, and enable Chrome's enhanced protection.Many new security features arrive in the form of silent updates, and keeping your system up to date is one of the most effective and simplest defenses.
Finally, avoid installing APKs from dubious sources. Whenever possible, trust Google Play and carefully review the permissions each app requests.And if a supposed technical support person asks you to share your screen or install remote control tools, hang up and go to the official channels to check if there really is a problem.
With the rise of generative AIAttackers will continue to refine their traps, and Google, Apple, and the rest of the industry will continue to strengthen their defenses with increasingly sophisticated models both inside and outside of devices; the more you leverage these layers of protection, the more critical spirit The more you apply these measures when interacting with messages, calls, and online content, the less room you'll leave for scams to infiltrate your digital life.
