This Official-Looking Google Security Page Steals Your Private Data

Security researchers have identified a new phishing campaign that uses a fake Google security check to steal passwords and personal data. Malwarebytes reported that the scam impersonates Google’s account protection system and persuades users to install a malicious web app.

How the Scam Works

The attack begins with a fake Google account security page designed to appear legitimate. Victims are prompted to complete a verification step to protect their accounts. Instead, the process installs a rogue Progressive Web App through domains that resemble official ones, such as google-prism[.]com.

Progressive Web Apps typically make websites function like installed applications. In this case, attackers use the technology to deploy malicious software directly through the browser.

After installation, the app requests permission to send notifications, access clipboard data, and perform other browser functions. It then installs a service worker that enables background operations and data collection.

Researchers said the tool can steal login credentials, intercept one-time passcodes used for multi-factor authentication, and collect cryptocurrency wallet addresses. It may also access clipboard data, gather GPS location information, and capture device details.

The attack can also turn the victim’s browser into a proxy. This allows cybercriminals to route traffic through the compromised device, helping them hide their activities while continuing to monitor user data.

What to Do

Google does not conduct security checks through random pop-up pages. Users should avoid installing software or enabling notifications from such alerts. Official security tools are available only through myaccount.google.com.

Checking website URLs, avoiding unknown web apps, and enabling two-factor authentication can help reduce risks. Using a password manager adds further protection if credentials are exposed.
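The URL check recommended above, as an added example that is not from the original article, Malwarebytes or Google: a small JavaScript classifier that compares a link's real hostname with myaccount.google.com, the only host the article names as official. The `google` brand token, the `google.com` parent domain, the verdict names and the sample links are assumptions constructed for illustration.

```javascript
// Added example: classify a link against the one official host named in the article.
const OFFICIAL_HOST = "myaccount.google.com"; // stated in the article
const BRAND_DOMAIN = "google.com";            // assumption: parent domain of that host
const BRAND_TOKEN = "google";                 // assumption: string a lookalike would reuse

// Undo common "defanging" (google-prism[.]com, hxxps://) so the text parses as a URL.
function refang(text) {
  return text.trim().replace(/\[\.\]/g, ".").replace(/^hxxp/i, "http");
}

function classifyUrl(text) {
  let raw = refang(text);
  // Bare hostnames get a scheme so the URL parser accepts them.
  if (!/^[a-z][a-z0-9+.-]*:\/\//i.test(raw)) raw = "https://" + raw;
  let url;
  try {
    url = new URL(raw);
  } catch {
    return { host: null, verdict: "unparseable" };
  }
  // hostname is lower-cased and excludes any "user@" prefix, so
  // https://myaccount.google.com@other.example/ resolves to other.example.
  const host = url.hostname.replace(/\.$/, "");
  if (url.protocol === "https:" && host === OFFICIAL_HOST) {
    return { host, verdict: "official" };
  }
  const underBrand = host === BRAND_DOMAIN || host.endsWith("." + BRAND_DOMAIN);
  // Brand name in the host, but the host is not under the brand's own domain.
  if (!underBrand && host.includes(BRAND_TOKEN)) {
    return { host, verdict: "lookalike" };
  }
  return { host, verdict: "not-official" };
}

// Constructed sample links (only the first domain appears in the article).
const SAMPLES = [
  "google-prism[.]com",
  "https://myaccount.google.com/security-checkup",
  "https://myaccount.google.com@login.example/verify",
  "https://myaccount.google.com.account-check.example/",
  "http://myaccount.google.com/",
];
for (const s of SAMPLES) {
  const r = classifyUrl(s);
  console.log(`${r.verdict.padEnd(12)} ${r.host}  <-  ${s}`);
}
```

Only the exact HTTPS host is reported as `official`; a `not-official` verdict means the link is not the page Google's security tools live on, not that the site is safe.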

Google is increasing its defenses against emerging threats. The company recently identified AI-powered malware capable of rewriting its own code in real time. Chrome is also testing Gemini-based anti-scam tools to flag suspicious websites before users interact with them.
