THUNDER BAY – TECH – Google has steadily enhanced its security measures to protect Gmail users from cyber threats, but hackers are becoming more sophisticated, leveraging AI-powered attacks.
With over 2.5 billion active Gmail accounts, the platform remains a prime target for scammers. Here’s what users need to know about the latest threat.
AI-Driven Gmail Scam: A New Level of Sophistication
Sam Mitrovic, a Microsoft solutions consultant, recently issued a warning after narrowly avoiding an advanced AI-driven phishing scam. This highly convincing scam, which Mitrovic called a “super realistic AI scam call,” is designed to deceive even experienced users.
Mitrovic’s encounter began with a seemingly routine Gmail account recovery request, followed by a missed call from a number claiming to be Google’s Sydney office. A week later, he received another recovery notification, this time followed by a call he answered. The caller, posing as Google support, claimed there was suspicious activity on his Gmail account.
“They asked if I was traveling or had logged in from Germany,” Mitrovic recalled. The conversation, designed to build trust and create fear, took a darker turn when the caller claimed that Mitrovic’s account had been compromised for a week and that the attacker had downloaded his data.
This alarmed Mitrovic, who connected the claim to the earlier recovery attempts.
While on the phone, Mitrovic searched the caller’s number and found it linked to legitimate Google business pages, adding credibility to the scam. However, further investigation revealed the number was related to Google Assistant calls, not Google support—an ingenious tactic designed to exploit users’ panic and confusion.
This advanced phishing scam showcases how attackers are using AI to refine their tactics, making it harder for users to discern legitimate alerts from fraudulent ones.
Protecting Yourself From Advanced Gmail Scams
AI deepfakes aren’t limited to controversial uses like politics and explicit content—they’re also being deployed in sophisticated phishing attacks, such as the one described here. If someone contacts you claiming to be from Google support, stay calm.
Google will never call you directly, so this is a major red flag. You won’t face any consequences for simply hanging up.
Use available tools, such as Google Search and your Gmail account, to verify the legitimacy of the call. Search the phone number to see where it truly originates. Check your Gmail account activity to ensure no unfamiliar devices have accessed it.
Follow Google’s guidance on staying safe from phishing scams, and most importantly, avoid acting impulsively. Scammers often create a sense of urgency to push you into making a quick decision, like clicking a link or sharing your credentials.
Take a moment to pause—staying calm is your best defense.