Google is fighting a massive, daily war against scammers on your behalf. The company revealed on Thursday that its security systems built into Android phones are protecting users from a staggering number of threats. Every single month, Android’s AI stop more than 10 billion suspicious calls and text messages from ever reaching you.

The tech giant also said it has been playing offense. It has successfully blocked over 100 million suspicious phone numbers from using Rich Communication Services (RCS), which is the new, modern version of SMS texting. By blocking these numbers, Google is preventing countless scams before they can even be sent.

How Google Fights Back

In the last few years, Google has been building smarter and stronger defenses to handle this flood of fraud. The company uses artificial intelligence that runs directly on your device. This smart technology automatically detects known spam messages.

When it finds one, it silently moves that message into the “spam & blocked” folder inside the Google Messages app, so you don’t even have to see it.

Google also recently finished rolling out a global feature called “safer links.” This tool is designed to be a last line of defense. If the system flags a message as spam but you still try to click a web link inside it, Google will show you a warning screen. This warning stops you from accidentally visiting a harmful website, though it still gives you the option to proceed if you’re certain the message is safe and mark it as “not spam.”

The Top Scams You Need to Watch For

So, what kinds of scams are criminals trying to pull? Google’s analysis of user reports from August 2025 painted a clear picture of the most common threats.

The number one most prevalent scam category was employment fraud. In this scheme, criminals post fake job opportunities to lure in people who are actively searching for work. The goal isn’t to hire them; it’s to trick them into handing over personal information, bank account details, or even paying for fake “background checks.”

Another major category involved financially-motivated scams. These include fake messages about bogus unpaid bills, warnings about subscriptions you never signed up for, and fraudulent investment schemes that promise huge returns. To a lesser degree, people also reported common scams related to package deliveries, impersonators pretending to be from a government agency, romance scams, and fake technical support calls.

Scammers Get Creative with New Tactics

Criminals are constantly changing their methods to avoid getting caught. In a fascinating twist, Google said it has seen a major increase in scams happening in group chats rather than traditional one-on-one messages.

This new tactic may seem odd, but it’s a clever bit of social engineering. A scammer will create a group chat with a number of potential victims. They will also add a second scammer, or a “shill,” into the group. This partner-in-crime will then validate the original scam message, perhaps by pretending to be a happy customer or by encouraging others to click the link. This teamwork is designed to make the scam feel less suspicious and appear to be a legitimate, active conversation.

The Scammer’s Work Schedule

These fraud operations aren’t random; they run like a business, complete with a daily and weekly schedule. Google’s analysis found that scam messages start being sent around 5 a.m. Pacific Time in the U.S.

The activity then ramps up and peaks between 8 a.m. and 10 a.m. PT.

The highest volume of fraudulent messages is sent on Mondays. This timing is deliberate. Scammers target the beginning of the workday when they know recipients are likely to be their busiest and most distracted. They hope that a person juggling emails and meetings will be less wary and more likely to click a link without thinking.

The Two Main Attack Methods

Most of these scams fall into two broad strategies: the “Spray and Pray” or the “Bait and Wait.”

The “Spray and Pray” approach is a high-volume, low-effort game. The scammer blasts a wide net, sending the same message to millions of numbers, knowing that only a tiny fraction of people need to fall for it. These messages rely on creating a false sense of urgency. They use lures related to current events, package delivery notifications, or unpaid toll charges. The goal is to rush you into acting immediately. They want you to click the malicious link, which is often hidden using a URL shortener to mask the dangerous website, and steal your information before you realize what’s happening.

The second method is the “Bait and Wait.” This is a much more calculated and personalized targeting method. Here, the threat actor tries to establish a relationship and build rapport with a target over time. Scams like romance baiting (also known as “pig butchering”) fall into this category.

“The scammer engages you in a longer conversation, pretending to be a recruiter or old friend,” Google explained. “They may even include personal details gathered from public websites like your name or job title, all designed to build trust.”

This tactic is much more patient, as the scammer aims to maximize the financial loss from a single victim over a longer period.

The Underground Scam Economy

Regardless of the tactic, the end goal is always the same: to steal information or money. The phone numbers they target are often bought and sold on dark web marketplaces, sourced from data stolen in security breaches.

This entire operation is supported by a criminal supply chain. This includes suppliers who provide hardware for phone and SIM farms, which are used to blast out millions of messages at scale. It also includes Phishing-as-a-Service (PhaaS) kits, which are ready-made toolkits for harvesting credentials and managing scam campaigns. Finally, they use third-party bulk messaging services as the “distribution engine” to send the messages.

The search giant described this landscape as highly volatile. Fraudsters are always looking to buy SIM cards in bulk from countries that present the fewest obstacles or have weak enforcement.

“While it may appear that waves of scams are moving between countries, this constant churn doesn’t mean scammers are physically relocating,” Google added. “Once enforcement tightens in one area, they simply pivot to another, creating a perpetual cycle of shifting hotspots.”