Google has launched a new AI feature that will alert users to potential scam conversations over texts and calls using “on device” AI models, before shipping flagged content back to base to further refine its models.
The text version of the feature has first been activated as part of spam protection settings for users in Canada, the US and UK on Google Messages, the default texting app for most Android phones, but will expand to more countries “soon”.
Scam Detection for phone calls has a more limited availability, with a beta run offering the service to all Pixel 6 to 9 phones last year now expanding to all English speaking Pixel 9 and up users in the country.
The AI will only analyse texts and phone conversations from contacts users don’t already know, with a focus on highlighting potential “conversational scams” which Google warns “can often appear initially harmless before evolving into harmful situations.”
Use of local, lightweight AI models such as Gemini Nano keeps message processing on device, though Google states it “may also ephemerally process the contents of unencrypted messages to detect spam and use those signals to train AI models to improve spam detection.”
When asked for clarification on this policy, Google told The Stack that only messages flagged as a scam by users were sent to its servers to train the AI model.
See also: Phishing was still wildly effective in 2024: Consider 4 things…
Google joins a growing list of companies offering ‘AI-powered’ features to protect users from scammers worldwide as entry methods such as phishing get more sophisticated.
According to the Global Anti-Scam Alliance, $1 trillion was lost to scams worldwide in 2024, with the majority delivered via phone calls or texts.
Elsewhere, Google has been fighting off claims that reported non-consensual tracking of Android users may violate the EU’s data privacy laws.
Research published by Professor Doug Leith, Head of Computer Systems at Trinity College Dublin, highlighted cookies and identifiers sending data to Google servers through pre-installed apps like Google Play Services.
One named Google Android ID in particular can “only be changed by factory resetting the handset” and other cookies identified by Leith could communicate with Google apps before they were ever opened.
The research claims “no consent is sought for storing” the data involved and “there is no opt out”, warning GDPR may apply to it as “personally identifying information”, though Google says it disagrees with Leith’s legal analysis.
