Another Day Another Scam! AI-Based Gmail Account Takeover

Written by on October 14, 2024

Users are falling victim to a sophisticated AI-based account takeover scam, which carefully impersonates Google staff over multiple weeks. Sam Mitrovic, an IT consultant and tech blogger, received a notification to approve a Gmail account recovery attempt, which he denied. According to his blog, Mitrovic then received a call roughly 40 minutes later, showing the caller ID as Google Sydney, which he also declined. Using phony account-recovery notifications is a classic trick used by cybercriminals carrying out phishing attacks, Forbes points out. These types of ploys will generally lead customers to a fake login portal, which will capture their login details.

The following week, Mitrovic received another notification to approve an account recovery, followed by a call from an Australian number 40 minutes later. This time he decided to pick up. An “American voice, very polite and professional” told the IT expert there had been suspicious activity on his account. The caller said someone had illegally accessed his account and downloaded his account data over the course of a week, which reminded him of the previous incident. The IT expert did his due diligence before taking things further and discovered the caller’s number was the official one listed as Google Australia’s IT support. He decided to ask for a confirmation email, only to find that the email he received appeared to come from an official address used by Google’s support team. But imitating the real email addresses and phone numbers that companies use is a common attack vector for cybercriminals, usually called “spoofing.”

Source: PC Mag

 

