A recently uncovered ad fraud scheme exploits Google Discover by utilizing search engine optimization techniques and AI-generated content to disseminate deceptive news stories. This campaign tricks users into enabling persistent browser notifications, which ultimately lead to scareware and financial scams. The scam's operators leverage AI to generate convincing content, increasing the likelihood of user engagement. By poisoning search engine results, the operators ensure their malicious content appears in Google's Discover feed, thereby expanding their reach. The use of AI-generated content adds a layer of sophistication to the scam, making it more challenging for users to distinguish between legitimate and malicious information1. This development highlights the evolving threat landscape, particularly with regards to Google's services, and underscores the need for practitioners to reassess the security of their environments in light of such emerging threats.