HUMAN’s Satori Researchers Identify Novel Ad Fraud and Scareware Threat, Pushpaganda

The scheme used advanced SEO techniques and AI-generated content to inject deceptive news stories into Google Discover and push users into persistent browser notifications that deliver scareware and financial scams


NEW YORK, April 14, 2026 (GLOBE NEWSWIRE) -- HUMAN Security, Inc., the trust layer for digital customer experiences in the agentic era, today announced that its Satori Threat Intelligence and Research Team has identified a novel ad fraud and scareware threat dubbed Pushpaganda. Google confirms it has already rolled out a fix for this issue.

Named for the push notifications central to the scheme, Pushpaganda generated invalid organic traffic from real mobile devices by tricking users into subscribing to persistent and alarming browser notifications. At its peak, HUMAN observed 113 domains and roughly 240 million bid requests associated with Pushpaganda domains in a single seven-day period. While the operation initially targeted users in India, the threat expanded to impact users in Australia, the United States, and beyond.

“Pushpaganda showed how quickly threat actors use AI to hijack trusted discovery surfaces such as Google Discover feeds, turning routine news and content streams into engines for scareware, deepfakes, and financial fraud,” said Gavin Reid, CISO at HUMAN. “By combining Satori’s threat intelligence with HUMAN’s ad and click fraud defenses, we are cutting off these operations at the infrastructure level so that partners and platforms can protect their users.”

“We keep the vast majority of spam out of Discover through robust spam-fighting systems and policies against emerging forms of low quality, manipulative content. Prior to learning of this report, we launched a fix for the spam issue in question, maintaining our high bar for quality content on Discover,” said Jennifer Kutz, Communications & Public Affairs at Google.

The scheme lured unsuspecting users primarily through Google’s Discover feeds, the personalized content feed on the homepage of Google Search on mobile devices — a novel technique observed by HUMAN. The threat actors used advanced SEO techniques to inject deceptive news stories containing AI-generated content into personalized content streams on Android and Chrome. Once a user was lured to an actor-controlled domain, they were manipulated into enabling push notifications that later delivered scareware, fake legal threats, and financial scams. When clicked, these notifications redirected users to additional sites owned by the threat actors, generating “organic” traffic to the ads on those sites, which the threat actors then used to cash out.

“Pushpaganda uses common scareware lures to create a sense of urgency and prompt victims to click on notifications, exposing them to additional kinds of fraud,” said Lindsay Kaye, Vice President of Threat Intelligence at HUMAN. “Like many ad fraud campaigns HUMAN disrupts, the actors look for ways to increase victims’ engagement with the scheme, and incorporating techniques that exploit user trust at scale is an effective way for them to do so.”

Researchers have shared the full list of Pushpaganda-associated domains with Google, and customers partnering with HUMAN for Ad Fraud Defense and Ad Click Defense remain protected against Pushpaganda. The Satori team will continue to monitor potential adaptations by threat actors, including new domains and cash-out techniques.

About HUMAN:

HUMAN Security is the global leader in Agentic Trust, the emerging discipline that informs and governs how humans, bots, and AI agents operate online. For more than a decade, HUMAN has specialized in understanding and mitigating automated traffic risk at internet scale, protecting the world’s largest brands, advertising platforms, and commerce networks. Today, HUMAN helps enterprises, platforms, and digital ecosystems verify digital interactions and establish trust across the entire customer journey - from first ad impression to final transaction. Powered by one of the world’s largest behavioral signal networks, HUMAN analyzes over a quadrillion digital interactions each year to distinguish legitimate activity from fraud, abuse, and automated manipulation.

HUMAN delivers a unified trust layer for the agentic era — bridging security, marketing, and media with shared visibility, governance, and confidence in a world where humans and AI agents operate side by side. Learn more at humansecurity.com

Contact information:
Masha Krylova, Director of Communications
press@humansecurity.com

A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/4b5b2fe5-5692-42d1-b12e-0edc9c1481bb

