Gmail users at risk from AI-powered cyberattack

An AI-powered cyber-attack is targetting Gmail’s 2.5 billion account holders. The hackers reportedly reach out to Gmail users with a realistic AI scam call that claims to be from Google Support to trick them. 

Sam Mitrovic, a Microsoft solutions consultant, reported the scam in a blog posted recently describing what exactly happened. Mitrovic first received a notification asking him to approve a Gmail account recovery attempt which is a usual phishing method to obtain user login credentials. After ignoring the alert, Mitrovic received another notification that he had missed a call from Google Sydney which he ignored too. 

A week later, the same steps repeated with Mitrovic after which he picked up the phone call in which he was informed about suspicious activity in his Gmail account. The person claiming to be from Google Support said the attacker had downloaded Mitrovic’s account data.

The number from which he had received the call also appeared to be from a Google business page. 

Eventually, Mitrovic realised the voice on the phone call was AI-generated as it was too perfect and kept repeating “Hello” after every 10 seconds. 

The scam would have ideally moved towards capturing user credentials and used a type of session cookie malware that could bypass the two-factor authentication if implemented. 

Published - October 14, 2024 11:27 am IST

Disclaimer: The copyright of this article belongs to the original author. Reposting this article is solely for the purpose of information dissemination and does not constitute any investment advice. If there is any infringement, please contact us immediately. We will make corrections or deletions as necessary. Thank you.
You might also like