Cybercriminals use AI to impersonate Google operators

cybercriminals they take advantage Artificial Intelligence (AI)) generating voice For deceive users. Criminals pretend to be him Google technical serviceto take control of your Gmail accounts.

Product Expert Microsoft Security, Sam Mitrovichwarned that cybercriminals They were able to obtain caller IDs associated with the company in order to appear legitimate and contact users.

He fraudof which Mitrović was targeted arose as a result of receiving notification approve the attempt account recovery Gmail, whose application was created in the USA. After the deviation and after about 40 minutes, got a call who introduced himself on his terminal as Google Sydney.

A week later, the expert received another notification of approval restoring your account from Gmail, also from the USA. Having ruled that out, they called him again with an Australian number half an hour later, as he explained in his blog.

This time he answered, and a voice with an American accent was heard from the other side: “very educated and professional“. After presenting yourself as a professional Google technical serviceinformed him that suspicious activity had been detected in his email.

After trying to find out certain information, such as whether Mitrovic is coming, cybercriminals who was pretending Google operator told him that someone had access to his Gmail account within a week and that he had uploaded his data, a period of time that coincided with the previous call.

He cybersecurity expert On Google’s official website, he confirmed that the company’s Australian support number was the same as the number on his mobile phone.

However, to check the legitimacy of the call, he asked the operator to send him an email indicating the alleged incident recorded on his account, and he did so, the sender of which included Google domain.

Despite this, the researcher admitted that he was aware that this was relative easy to fake and a telephone number – despite the fact that during the conversation there was noise in the background, similar to the noise of any call center – and email.

The expert warned that in the “To” field there is Email address with a domain that does not belong to the company “googlemail@internalcasetracking.com”. Moreover, during progress of the conversation discovered that this could be created using an artificial intelligence tool, “because pronunciation and spacing“Between one word and the next, they were too perfect.”

Once the call from the supposed technical service ended, the researcher accessed the Login Activity section of his computer. gmail profile, included in Google Account Management option, detected how it was faked sender email address using Salesforce CRM, which allows them to set the sender address and send messages through Gmail and Google servers.

The investigation found that others Reddit users received an email similar to yours using search tool Return Australia phone number to sender’s phone number. Then he discovered that another the user fell for a scam believing it was a legitimate communication.

In this sense, he noted that if he had stayed in touch long enough, he would have preferred to approve the account reinstatement notice because both the person, phone number, and email address used for the campaign were not the same. They seemed fake. With this permission, cybercriminals they would gain control.

In addition, he indicated what the signs were that led him to determine that this was a possible attack, such as receiving notifications about account recovery that you haven’t launched or there are no active sessions in your Google account other than the one you were using. Google, for its part, clarified that it does not call Gmail users unless they have commercial profile.