As AI-powered attack campaigns continue to flood our inboxes, with smartphone users directly in the threat actors’ crosshairs, Google has responded by strengthening Android’s security protections, many of which, ironically, also have AI under the hood. With hackers changing caller IDs to spoof bank phone numbers or other trusted organizations, Google’s director of Android security and privacy, Eugene Liderman, has called out the threat as one of the main drivers of social engineering scams and financial frauds, which Europol has confirmed are behind a staggering $980 million in worldwide annual losses. “As we look ahead at the rest of 2026, Liderman said, “our focus is on scaling these intelligent defenses to be even more seamless and powerful.” Here’s what Google is doing to help protect billions of Android users from the threat.

Google Strengthens Android Caller ID Spoofing Protections For 2026

Users of Google’s Android ecosystem might be forgiven for thinking that it’s all bad news on the security front right now. After all, just this week, I have reported on seven million users being conned by “ any phone number call history ” apps in the Play Store, as well as exclusivity-revealing research that a Google security gaffe is leaving billions of Gmail users at risk of phishing threats. And social engineering, oh the irony, is exactly what Liderman’s latest security update is about. More precisely, it focuses on how scammers are impersonating financial institutions to fool Android users into transferring money or disclosing account information, with caller ID spoofing behind many of the attacks.

“To combat this,” Liderman said in a May 12 announcement , “we’re working with select banks and financial institutions to help protect their customers with verified financial calls, a new phone call spoofing protection feature designed to keep your money and personal information safe.” This follows the introduction of the new Key Verifier for Google Messages protection in 2025, described at the time as “an extra layer of assurance that the person on the other end is genuine.”

The latest phone call spoofing protection will start rolling out to users of Android 11+ devices who bank with Revolut, Itaú, and Nubank in the coming weeks. Liderman said it would expand to more banks later in the year. It works in the background whenever you receive a call that appears to be from the bank concerned, asking the banking app itself to confirm whether they are calling you. “If the app confirms that no phone call is being made,” Liderman explained, “the system ends the call.”

The bank can also opt to label certain numbers as for inbound calls only, and therefore never to be used to reach out to customers under any circumstances, the Google posting confirmed. All incoming calls from such numbers will automatically get cut off. “By improving protections against banking scams,” Liderman concluded, “we are ensuring that Android remains the most secure platform.”