A sophisticated new artificial intelligence (AI)-powered scam is targeting billions of users on the world’s largest email service.
Microsoft security expert Sam Mitrovic writes in a new blog post about a “super realistic AI scam call” that mimics American-sounding voices to trick Gmail users into giving up their login credentials.
The scam works by sending users a notification originating from the US about a Gmail account recovery attempt, before phoning the victim – in Mitrovic’s particular experience – from an Australian phone number labeled as “Google Sydney.”
After the second attempt, Mitrovic decided to pick up and entertain the scam.
On the other end of the call was an American voice who sounded “very polite and professional” with ambient call center chatter in the background, calling from an official Google phone number in Australia.
Mitrovic even heard typing when he asked the person to send him an email. However, Mitrovic noticed that the voice sounded a bit too “perfect.”
“The caller said Hello, I ignored it then about 10 seconds later, then said Hello again. At this point I released it as an AI voice as the pronunciation and spacing were too perfect.”
Mitrovic also noticed the email he received was from “GoogleMail at InternalCaseTracking.com” – a non-Google domain.
The security expert says if he had stayed on the call long enough, he believes the next step likely would’ve been to approve the account recovery notification before gaining complete control of his email.
The scam is centered on a combination of AI deepfakes and phishing techniques. Anna Collard, a cybersecurity expert from KnowB4 told Forbes,
“The main reason social engineering is so effective is that it keeps evolving. The rise of deepfakes, convincingly real images and videos artificially generated, has further exacerbated the potential for misinformation and manipulation.”
Don’t Miss a Beat – Subscribe to get email alerts delivered directly to your inbox
Check Price Action
Follow us on X, Facebook and Telegram
Surf The Daily Hodl Mix
 
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.
Generated Image: Midjourney
Source link
Alex Richardson
https://dailyhodl.com/2024/10/25/2500000000-gmail-users-targeted-in-viral-ai-hack-that-tricks-users-into-accepting-security-alert-report/
2024-10-26 14:30:24