Google is introducing a new Android security feature that will detect and flag phone calls in which scammers use artificial intelligence to impersonate a user's personal contacts.
Called "fake call detection," the feature is rolling out globally this month to Android 12 and later devices, starting with Pixel devices, and will be enabled by default.
Once activated, it works automatically when both a caller and recipient are using Phone by Google: when a contact places a call, their device sends a silent, encrypted confirmation signal to the recipient's device in real time.
If that signal is not sent (indicating the call may be spoofed), the recipient's device will instead ping the contact's actual phone to verify the call's authenticity. If the contact's device confirms it is not placing a call, the recipient receives an on-screen warning to hang up immediately.
"If a scammer tries to impersonate your contact, that initial confirmation signal will be missing. Your device will instantly notice this and ping your contact's actual device to double-check," Google said.
"If their real device says, 'I'm not making a call right now,' you'll get a warning on your screen advising you to hang up immediately. This proactive alert helps you avoid falling victim to deepfake impersonation and call spoofing in real time."
This new security feature is built on top of the Rich Communication Services (RCS) open standard and will only work on Android devices where the Phone by Google, Contacts, and Google Messages (with RCS enabled) apps are installed.
According to Google, this addresses two widespread fraud tactics: scammers spoofing a familiar contact's phone number while simultaneously using AI voice-cloning technology to mimic that person's voice.
Last year, the U.S. Federal Trade Commission (FTC) warned that reported losses from impersonation scams
reached $2.95 billion in 2024 alone, while INTERPOL's March 2026 Global Financial Fraud Threat Assessment flagged impersonation fraud as one of the leading threats contributing to more than $440 billion in global losses last year.
"For years, people have relied on caller ID to know who is on the other end of the line, but this is no longer sufficient due to scammers' new tactics," Google added.
"If your device uses a different app, you can install Phone by Google from the Play Store and set it as your default phone app to help protect yourself from fake calls."
In December, Google also
expanded support for Android in-call scam protection to multiple banks and financial apps in the United States, including Cash App (with 57 million users) and the JPMorganChase mobile banking app (with over 50 million downloads).
Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold.
This guide covers the 6 surfaces you actually need to validate.
Download Now
Post a Comment Community Rules
You need to login in order to post a comment
Not a member yet? Register Now
<small>Source: Bleeping Computer</small>
