The Defender's Advantage Podcast
Episode: How Android Combats Mobile Scams
Date: January 16, 2026
Host: Luke McNamara (Mandiant/Google Threat Intelligence Group)
Guest: Eugene Lederman (Senior Director, Android Security and Privacy Product Group, Google)
Episode Overview
This episode explores the evolving landscape of mobile scams and fraud—how threat actors use new tactics to target both consumers and enterprises, and what Google and the Android Security team are doing to combat these threats. Host Luke McNamara and guest Eugene Lederman dig into shifting scam tactics, the impact of AI on both offense and defense, and the technical and operational measures Android has implemented to protect users across billions of devices worldwide.
Key Discussion Points & Insights
1. The Evolution and Impact of Mobile Scams
Timestamps: 03:08–06:31
- Growing Prevalence: Scams now impact both consumers and enterprises. The classic "Nigerian prince" email scams have evolved; mobile connectivity means people are reachable 24/7, vastly increasing attack opportunities.
- Techniques: While communication methods have diversified (calls, texts, social media, third-party messaging), the tactics—building trust, urgency, and manipulation—remain similar.
- "The window of opportunity has gotten that much larger. And now... there's every communication mechanism you can think of." — Eugene, 04:12
- Enterprise Concerns: Phishing and scams targeting business users increasingly mirror consumer scams, and vice versa.
2. Types and Categories of Scams
Timestamps: 06:31–10:57
- Major Types: Job scams, IT support scams, romance scams, financial fraud, sextortion, targeting the elderly, and more.
- Complexity: Originally, scams fell into about eight main categories, but now permutations exceed 250–300, including many subcategories tailored to individuals or regions.
- Tactics: Some scams are "funnel"–style (mass blasts), while others are targeted "long game" scams (e.g., romance or "pig butchering" scams that unfold over months or even years).
- Attack Vectors:
- Malware-based fraud (installing malicious apps)
- Screen sharing abuse (gaining visual access during support calls)
- Traditional social engineering (no malware, just manipulation)
- Android Defenses:
- Google Play Protect scans apps for malware ([08:54])
- Blocking sensitive information during screen sharing
- AI-driven, real-time on-device warning systems to identify high-risk interactions
3. Regional and Vector Differences
Timestamps: 10:57–14:09
- Regional Trends:
- Southeast Asia/Latin America: More malware-based fraud, users are accustomed to installing apps from outside trusted stores.
- Western Europe/North America: More reliant on social engineering, fewer malware scams.
- Rise of Fake Merchants: Scam e-commerce sites sell non-existent goods, a challenge because perpetrators aren’t impersonating legitimate brands.
- Quote: "The actual scam type, the script that's being used... those don't really change too much regionally. I think it's the vector that really is different." — Eugene, 11:45
4. Android's Multilayered Approach to Defending Users
Timestamps: 14:09–19:10
- Principles:
- Start with user warnings (real-time, on-device alerts, auditory/haptic feedback).
- Add friction: If high confidence of a scam, block link clicks, app installations, or even terminate calls.
- Operate at scale: Billions of devices scanned each day.
- Call screening by default blocks suspicious calls/messages so users never see them.
- Awareness & Human Behavior:
- Scammers adapt scripts to neutralize warnings ("That message is normal!").
- Warning fatigue is real; users must remain vigilant.
- Demo Highlight: Live demo at anti-scam event showcased multiple Android protection features.
5. Leveraging AI: Advantages and Limits
Timestamps: 19:10–22:18
- Training custom models: On-device, privacy-preserving AI models are updated regularly to catch new scams and adapt quickly.
- Adversarial AI: Scammers also use AI for deepfakes, automated voice cloning, and more—lowering entry barriers for running sophisticated scams.
- Quote: "I always joke... the only way you can fight bad AI is with good AI." — Eugene, 20:10
- Red Teaming: Google's own "red teamers" have weaponized AI for voice cloning in simulated attacks.
6. The Blurring Line Between Consumer and Enterprise Targeting
Timestamps: 22:18–25:18
- Spillover: Tools and tactics are fluid—AI enables tailored scams agilely across consumer and enterprise targets.
- Workflow Example: Using open source tools to build targeted scam trees based on publicly available executive data, leading to highly convincing impersonations.
- Verification and Provenance: Emphasis on digital watermarking (SynthID), provenance (like CTPA standards), and technological multi-factor verification to identify synthetic content and authenticate communication.
7. The Road Ahead: Partnerships, Evolving Threats, and User Hygiene
Timestamps: 25:18–31:04
- Public-Private Partnerships: Success in battling scams hinges on collaboration between industry, app developers, and governments.
- Case Study: Enhanced fraud protection deployed with Singaporean authorities, then rolled out in Thailand, Brazil, now operating in 180+ countries ([27:20])
- Research-Backed Success:
- Android/Pixel users report fewer scam messages ([26:30])
- Android recognized for strongest AI-powered anti-scam features
- User Responsibility: Emphasis on "cybersecurity hygiene"; users must update devices, enable phishing-resistant protections, and adopt a "zero trust" approach.
- Quotes:
- "At the end of the day, every enterprise customer is a consumer...If you get access to them on their personal side, that's another vector." — Eugene, 29:20
- "The one thing that's most important is the average person thinks they'll never be scammed. And... like, no, you would fall for it." — Eugene, 30:25
- "It all goes back to zero trust. Like I always tell people, I don't trust anybody." — Eugene, 31:02
Closing Thoughts:
- Scams are a fluid, global problem impacting everyone. The Android team is committed to layered, privacy-preserving protections.
- Human awareness remains a pivotal last defense—even as technology evolves.
- Android’s ongoing strategy centers on user empowerment, cooperation with partners, and leveraging AI to stay ahead of fast-evolving threats.
Notable Quotes & Memorable Moments
-
On the evolution of scams:
"The tactics are very similar...the window of opportunity has gotten that much larger." — Eugene (04:12) -
On AI in scam detection:
"I always joke...the only way you can fight bad AI is with good AI." — Eugene (20:10) -
On future-proofing:
"It's uncharted territory...there's definitely that spillover between consumer and enterprise because it’ll be the same tactics, they’re just going to use different scripts..." — Eugene (24:00) -
On user hygiene:
"The one thing that's most important is the average person thinks they'll never be scammed. And...like, no, you would fall for it." — Eugene (30:25)
"It all goes back to zero trust. Like I always tell people, I don't trust anybody." — Eugene (31:02)
Key Takeaways
- Mobile scams are increasingly sophisticated and omnipresent.
- AI is both a challenge and a solution—defenders and attackers alike leverage it.
- Android’s defenses are multilayered, from user warnings to device-level AI.
- Global collaboration and user vigilance are critical—technology alone isn’t enough.
- Zero trust should be a guiding principle, for enterprises and individuals alike.
Episode Host: Luke McNamara | Guest: Eugene Lederman
Episode Date: January 16, 2026