New AI Scam That Infiltrates Gmail Without You Knowing
Wednesday, October 16, 2024, 12:00
Artificial intelligence has come with power, but its use can have very positive contributions but also pose a real threat. There are people who use it for harm. Microsoft security product expert and founder of consulting firm CloudJoy Sam Mitrovic has warned that cybercriminals have managed to obtain caller IDs associated with the company in order to appear legitimate and contact users using the technology.
Cybercriminals have begun using artificial intelligence (AI) voice tools to trick users by posing as Google tech support, he said. The scam, which Mitrovic discovered the hard way, begins when he receives an approval notification for an attempt to recover a Gmail account, but it originates from a country in which the victim does not reside, in his case the United States.
Click and login to WhatsApp
According to him, this is why he rejected the offer, but less than an hour later he received a call from Australia, allegedly from Google, which he also ignored. A week later, the expert received another notification of approval for the restoration of his Gmail account, also from the USA. Having ruled that out, they called him again with an Australian number, but this time he answered.
On the other hand, a voice with an American accent, “very polite and professional,” explained that he was a Google technical specialist and said that suspicious activity had been detected on his email account. The alleged technician told him that someone had accessed his Gmail account and downloaded his data.
Mindful of his cybersecurity knowledge, Mitrovic checked the phone number and noted that it matched the official Google Australia number, but still asked the operator to send him an email indicating the alleged reported incident. The technician made this effective with an email that appeared to include a Google domain.
However, the expert noticed that the “To” field contains an email address with a domain that does not belong to the “googlemail@internalcasetracking.com” signature. For this reason, he decided to check access to his account himself and realized that only he had logged in from his profile, which alerted him and he decided to ignore the requests of this supposed technician.
If you weren’t vigilant and didn’t know it was a scam, you would most likely approve the account recovery notification, which would allow cybercriminals to take full control of your Gmail.
Through email, scammers have access to all the confidential information that may be stored there, as well as to other accounts and profiles associated with this email, from social networks to the bank. In the same way, they can also impersonate a person to commit fraud and theft on behalf of the person who has been defrauded.