A convincing fake of Google’s Gemini chatbot is steering users toward a nonexistent “Google Coin,” promising up to 7x returns if they move money fast. The scam blends AI-generated conversation, deepfake branding, and classic crypto hype to separate victims from their savings. It also shows how fraudsters are learning to weaponize the trust people place in big-name tech and in AI assistants themselves.
How the bogus Gemini chatbot scam actually works
The operation starts with a lookalike site that imitates Google’s Gemini interface, complete with a chat window and familiar styling. According to a technical breakdown of the campaign, visitors land on the fake chatbot page after clicking on search ads or links that use Google-related keywords and branding to lure in curious users. Once on the page, the scripted “assistant” behaves like a real chatbot, answering general questions before steering the conversation toward a supposed investment opportunity in a proprietary Google cryptocurrency.
Rather than offering neutral information, the fake assistant aggressively pitches “Google Coin” as an exclusive token allegedly backed by Google and available only for a limited time. The chatbot claims that early buyers can multiply their money by a factor of seven and repeatedly encourages users to act quickly before the offer closes. The scammers frame this as a special pre-sale open to select Gemini users, a tactic that makes the pitch sound both urgent and personalized.
Once a victim shows interest, the chatbot directs them to a separate “investment” portal that mimics a Google-branded dashboard. There, users are urged to deposit funds in cryptocurrency, often in popular coins such as Bitcoin or Tether, into a wallet that the site labels as a Google-controlled address. The interface may show fake balance updates and fabricated “profit” figures to create the illusion that the investment is already growing. In reality, any funds sent to the wallet go straight to the scammers, and there is no mechanism for withdrawal.
Researchers who examined the infrastructure behind the campaign found that the fake Gemini chatbot is not a live AI model at all, but a scripted flow that triggers prewritten responses when users type certain keywords related to investing or Google Coin. This setup allows the operators to maintain tight control over the sales pitch while still presenting it as a natural conversation with an intelligent assistant. One analysis of the scheme highlighted how the chatbot even sprinkles in generic safety tips about crypto, which makes the sales push feel more credible before it pivots back to the high-yield offer.
The fake interface also borrows design elements from legitimate Google properties, including color schemes and iconography, to lower suspicion. Some victims reportedly believed they were interacting with an official Gemini test environment or an experimental product rollout, which made them more willing to follow the chatbot’s instructions without cross-checking through Google’s main site or support pages.
Why this AI-powered “Google Coin” grift is especially dangerous now
The Gemini impostor scam lands at a moment when people are rapidly normalizing the idea of asking AI tools for financial guidance. As more users rely on chatbots to summarize markets, explain complex products, or walk them through sign-up flows, criminals see an opening to replace or imitate those assistants and hijack that trust. In this case, the attackers are not just impersonating a brand, they are impersonating a brand’s AI.
Security researchers point out that this is part of a broader pattern in which scammers are using AI-themed lures to sell fake crypto products. One report describes how fraudsters have been deploying Gemini-style chatbots to push non-existent tokens, with some victims persuaded to send large sums after lengthy back-and-forth conversations. The conversational format helps build rapport and can wear down a user’s initial skepticism, especially when the chatbot repeatedly references well-known companies and technologies.
The made-up Google Coin taps into two powerful narratives at once: the long-running myth that major tech firms are secretly preparing their own cryptocurrencies, and the belief that getting in early on a big company’s token is a guaranteed path to quick wealth. By attaching a specific multiplier, in this case the promise of 7x returns, the scammers give users a clear, enticing number to fixate on. That simple figure can overwhelm more rational questions, such as why a trillion-dollar company would quietly sell a retail coin through an unannounced chatbot interface.
Another factor that raises the stakes is how polished the scam looks from the outside. The fake Gemini page uses HTTPS, professional-looking graphics, and responsive layouts that render cleanly on both desktop browsers and mobile devices. To a casual user who clicked through from a search result, nothing immediately screams “fraud.” The chatbot’s ability to respond to arbitrary questions, at least within a limited script, also sets it apart from older phishing pages that relied on static text and crude forms.
Researchers warn that this type of attack blurs the line between phishing and social engineering. Instead of a one-shot attempt to steal credentials, the fake chatbot engages in an ongoing conversation that can adapt to hesitation or partial resistance. If a user expresses doubt, the script responds with reassurances about Google’s supposed backing, screenshots of fabricated press coverage, or claims that thousands of other “users” have already profited. This interactive pressure can be more persuasive than a single email or pop-up ad.
The campaign also hints at a future in which scammers use actual large language models to generate tailored investment pitches on the fly. In the current “Google Coin” scheme, the responses are largely prewritten, but the format prepares users to accept the idea of an AI assistant as a financial advisor. Once that expectation is set, swapping in a more sophisticated model that can personalize arguments based on a victim’s questions or fears becomes a logical next step for criminals.
From a consumer protection standpoint, the Gemini impersonation exposes gaps in how people verify authenticity when interacting with AI tools. Many users have learned to check URLs or look for misspellings in emails, but far fewer have habits for confirming that a chatbot itself is legitimate. If the interface looks right and the conversation feels smooth, users may assume they are in a trusted environment, even when the underlying domain or account is controlled by attackers.
What security experts expect from the next wave of AI-driven scams
Analysts who tracked the fake Google Coin promotion see it as an early example of a trend rather than an isolated stunt. A detailed investigation into the campaign notes that the operators have been iterating on their approach, experimenting with multiple domains and slightly different chatbot scripts to see which versions convert best. One write-up of the infrastructure behind the scheme describes how the same group used a Gemini-branded chatbot on several lookalike sites, all feeding into the same crypto wallets.
Security researchers expect future scams to lean even more heavily on automation. Instead of static decision trees, attackers can plug real AI models into their fake assistants, allowing them to handle a wider range of questions and to mirror the tone and style of legitimate tools. That shift would make it harder for users to spot inconsistencies, such as canned responses or abrupt topic changes, that currently give some scams away.
On the defensive side, browser makers and security vendors are likely to expand their detection rules to cover AI-themed phishing. That could include flagging sites that combine brand impersonation with chatbot widgets, or scanning for repeated use of phrases like “exclusive coin” and “guaranteed 7x return” in contexts that reference major tech companies. Some researchers have already begun cataloging these patterns to help automated systems block or warn about suspicious pages before users engage with them.
