A new wave of sophisticated phishing scams using Artificial Intelligence (AI) is targeting Gmail users, aiming to steal personal data and gain full access to accounts. The FBI issued an alert in May last year after spotting a rise in such attacks, which can result in financial losses, reputational damage, and compromised sensitive data.
The scammers start by making phone calls claiming the user’s account has been compromised, followed by legitimate-looking emails that appear to come from Google. They then try to convince the target to provide their Gmail recovery code, claiming it’s needed to restore the account.
One victim, Sam Mitrovic, a Microsoft solutions consultant, received a notification to approve a Gmail account recovery attempt and was then called with a message saying there had been suspicious activity on his account. Luckily, he realized something was wrong and hung up.
Experts warn that the scams are getting increasingly sophisticated, more convincing, and deployed at larger scales. People may fall for them due to their busy nature. To avoid falling victim, users should be cautious when receiving phone calls or emails from Google, and never click on links or download files from unexpected messages.
Malwarebytes advises taking these precautions:
– Never enter personal information on a website unless it’s legitimate
– Use a password manager to autofill credentials only on trusted sites
– Monitor accounts for signs of unauthorized access or data leaks
– Verify security alerts by visiting the Google Account page directly instead of using links in emails
– Use multi-factor authentication (MFA) for all accounts
– Protect devices with up-to-date security software and text protection.
Source: https://www.mirror.co.uk/tech/gmail-email-ai-message-warning-34680072