Daily Guardian UAEDaily Guardian UAE
  • Home
  • UAE
  • What’s On
  • Business
  • World
  • Entertainment
  • Lifestyle
  • Sports
  • Technology
  • Travel
  • Web Stories
  • More
    • Editor’s Picks
    • Press Release
What's On

After YouTube, TikTok is testing its own AI likeness detection tool

July 18, 2026

How Do Ink Tank Printers Reduce Printing Costs Over Time?

July 18, 2026

Google Contacts borrows a handy iPhone trick to make sharing your number easier

July 18, 2026

Apple Music just got pricier

July 17, 2026

Did J-Hope of BTS just spoil Samsung’s biggest Galaxy Z Fold 8 surprise?

July 17, 2026
Facebook X (Twitter) Instagram
Finance Pro
Facebook X (Twitter) Instagram
Daily Guardian UAE
Subscribe
  • Home
  • UAE
  • What’s On
  • Business
  • World
  • Entertainment
  • Lifestyle
  • Sports
  • Technology
  • Travel
  • Web Stories
  • More
    • Editor’s Picks
    • Press Release
Daily Guardian UAEDaily Guardian UAE
Home » This fake Google Security check can steal your passwords. Here’s how to stay safe
Technology

This fake Google Security check can steal your passwords. Here’s how to stay safe

By dailyguardian.aeMarch 4, 20263 Mins Read
Share
Facebook Twitter LinkedIn Pinterest Email

A new phishing campaign is using a fake Google security check to steal passwords and other sensitive data from unsuspecting users.

Researchers at Malwarebytes warn that the scam impersonates Google’s account protection system, tricking victims into installing a malicious web app.

Once installed, the tool quietly collects credentials, one-time passcodes, and other personal information. The scam begins with a fake Google account security page designed to look authentic.

Victims are asked to complete a security verification step to protect their account. Instead of protecting their account, the process installs a rogue Progressive Web App (PWA), often through a domain designed to look legitimate, such as google-prism[.]com.

How the fake Google security page steals your data

Progressive Web Apps are normally used to make websites behave like installed applications. In this case, attackers abuse it to deploy a malicious app directly through the browser.

malicious-google-security-page

After installation, the PWA seeks permission to send notifications and access clipboard data and other browser functions, then deploys a service worker that enables push alerts, background operations, and sensitive data collection.

Researchers say it can steal login credentials, intercept OTPs used for multi-factor authentication, and harvest cryptocurrency wallet addresses. The tool may also access clipboard data, collect GPS location information, and capture other device details.

The attack can also turn a victim’s browser into a proxy that routes traffic for the attackers. This means cybercriminals can hide their activity behind the user’s device while continuing to monitor data from the compromised browser.

android-app-install-prompt

This incident highlights a broader trend in cybercrime, where even modern AI tools can be abused, with researchers showing that browsing-enabled chatbots can act as stealthy relays for malware traffic.

How to stay protected?

Google does not run security checks through random pop-up pages. If a “security alert” asks you to install software, enable notifications, or share contacts, close it. Real security tools are available only through your account at myaccount.google.com.

Staying safe requires paying close attention to security prompts and website addresses. You should always check the URL before entering login details and avoid installing unknown web apps.

Enabling two-factor authentication and using a password manager can also add extra protection if credentials are exposed.

Google is also stepping up defenses against emerging threats. The company recently flagged a new AI-powered malware that can rewrite its own code in real time.

This is why Chrome is testing Gemini-based anti-scam protection to automatically flag suspicious websites before users fall for phishing attacks.

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Keep Reading

After YouTube, TikTok is testing its own AI likeness detection tool

How Do Ink Tank Printers Reduce Printing Costs Over Time?

Google Contacts borrows a handy iPhone trick to make sharing your number easier

Apple Music just got pricier

Did J-Hope of BTS just spoil Samsung’s biggest Galaxy Z Fold 8 surprise?

Sega’s Virtua Fighter Crossroads is coming to Nvidia’s wild new RTX Spark PCs

Google’s next Gemini upgrade might not arrive as soon as expected

Lenovo’s new gaming laptop is the first to feature a 240Hz inkjet-printed OLED display

Anti-surveillance clothing is getting cheaper, but don’t expect an invisibility cloak

Editors Picks

How Do Ink Tank Printers Reduce Printing Costs Over Time?

July 18, 2026

Google Contacts borrows a handy iPhone trick to make sharing your number easier

July 18, 2026

Apple Music just got pricier

July 17, 2026

Did J-Hope of BTS just spoil Samsung’s biggest Galaxy Z Fold 8 surprise?

July 17, 2026

Subscribe to News

Get the latest UAE news and updates directly to your inbox.

Latest Posts

NBQ’s Resilient Performance in H1-2026: Strong Growth Amid Challenges

July 17, 2026

Sega’s Virtua Fighter Crossroads is coming to Nvidia’s wild new RTX Spark PCs

July 17, 2026

Google’s next Gemini upgrade might not arrive as soon as expected

July 17, 2026
Facebook X (Twitter) Pinterest TikTok Instagram
© 2026 Daily Guardian UAE. All Rights Reserved.
  • Privacy Policy
  • Terms
  • Advertise
  • Contact

Type above and press Enter to search. Press Esc to cancel.