Hackers use AI to target Gmail users in phishing scam
A “red alert” warning has been issued to 1.8 billion Gmail users regarding a sophisticated scam that enables hackers to access accounts and steal data.
Cybercriminals are now leveraging artificial intelligence to create deepfake robocalls and advanced phishing emails that can bypass security filters, according to a report by DailyMail.com.
How the scam works
Victims receive a phone call in which hackers attempt to convince them that their Gmail account has been compromised. The caller warns of suspicious activity and instructs the user to follow up by clicking a link in an email they will receive.
The email, designed to mimic Google’s interface, contains a fraudulent login page where users are prompted to enter their credentials. Once entered, hackers gain immediate access to personal data and any connected services.
Growing concerns over AI-driven cybercrime
The FBI has previously warned that these sophisticated tactics can lead to severe financial losses, reputational damage, and the compromise of sensitive information.
Cybersecurity experts at Malwarebytes highlighted that scammers often manipulate victims into providing their Gmail recovery codes, allowing criminals to take full control of accounts.
A recent report by Malwarebytes further revealed that AI is being weaponized by cybercriminals, with deepfake-generated scams now being created in under ten minutes. Researchers found that the cost of launching advanced email scams starts at just $5, making them accessible to a wide range of bad actors.
“These criminals are using AI-powered tools to craft emails that evade security filters. When combined with deepfake robocalls, these methods could deceive a significant number of people,” the report warned.
How to protect yourself
Cybersecurity experts urge Gmail users to take precautionary steps against these scams:
- Avoid clicking links or downloading attachments from unsolicited emails.
- Do not enter personal information on websites unless their legitimacy is verified.
- Use a password manager to autofill credentials only on trusted sites.
- Enable multi-factor authentication for additional security.
- Install security software to detect and block phishing attempts.
With cybercriminals becoming increasingly sophisticated, experts stress that vigilance is crucial in protecting personal information from AI-driven threats.
