Beware! Cybercriminals are using AI voices to steal Gmail credentials
What's the story
Artificial intelligence (AI) is now being used to orchestrate sophisticated scams, targeting Gmail's 2.5 billion users.
As per Forbes, cybercriminals are leveraging AI tech to mimic human voices in phone calls that appear to come from Google support.
These fraudulent calls are part of a larger scheme aimed at tricking users into revealing their login credentials.
On calls, the scammers often claim the user's account has been compromised or is under recovery process.
Deceptive tactics
Scammers use fake Google emails to gain user trust
The scammers, posing as support agents, then send an email to the targeted Gmail account from a seemingly authentic Google email address.
This is done to convince the user that their account has indeed been compromised and needs recovery.
The email often contains a code for account recovery, further adding to its perceived legitimacy.
Zach Latta, founder of Hack Club, managed to identify and halt this elaborate scam in its tracks.
Emotional manipulation
Persuasive tactics often involve emotional manipulation
Garry Tan, founder of venture capital firm Y Combinator, issued a warning after receiving similar phishing emails and calls.
He revealed the scammers claimed to be verifying his existence and dismissing a false death certificate filed by a family member for account recovery.
This emotional manipulation is another tactic used by these cybercriminals to persuade users into enabling password recovery, further highlighting the sophistication of their approach.
Personal encounter
Microsoft consultant shares his experience with AI scam
Sam Mitrovic, a Microsoft solutions consultant, detailed how he got a Google account recovery attempt notification and a suspicious phone call.
The caller said there was unusual activity on Mitrovic's account and offered to help secure it.
However, Mitrovic recognized the follow-up email as spoofed and stopped communicating.
He later found all log-in sessions in his Google account settings were his own, further exposing the scam.
Security measures
Google recommends 'Advanced Protection' to secure accounts
To protect yourself from such scams, it is recommended to turn on "Advanced Protection" from Gmail settings.
This feature provides additional layers of identity verification with passkeys and smart keys, keeping your account secure even if hackers are able to steal your credentials.
The increase in AI-powered scams highlights the need for caution and strong security for online platforms like Gmail.