October 13, 2024

Davey Winder – Senior Forbes Contributor

Davey Winder is a veteran cybersecurity writer, hacker and analyst.

Updated Oct 13, 2024, 11:33am EDT

Update, Oct. 13, 2024: This story, originally published Oct. 11, includes details of a new Google anti-scam alliance initiative, a new warning about legitimate-looking support scams and details of Google’s Advanced Protection Program to protect high-risk accounts.

Google has implemented increasingly sophisticated protections against those who would compromise your Gmail account—but hackers using AI-driven attacks are also evolving. According to Google’s own figures, there are currently more than 2.5 billion users of the Gmail service. No wonder, then, that it is such a target for hackers and scammers. Here’s what you need to know.

The Latest AI-Driven Gmail Attack Is Scary Good

Sam Mitrovic, a Microsoft solutions consultant, has issued a warning after almost falling victim to what is described as a “super realistic AI scam call” capable of tricking even the most experienced of users.

It all started a week before Mitrovic realized the sophistication of the attack that was targeting him. “I received a notification to approve a Gmail account recovery attempt,” Mitrovic recounts in a blog post warning other Gmail users of the threat in question. The need to confirm an account recovery, or a password reset, is a notorious phishing attack methodology intended to drive the user to a fake login portal where they need to enter their credentials to report the request as not initiated by them.

Unsurprisingly, then, Mitrovic wasn’t falling for this and ignored the notification that appeared to originate from the U.S. and a missed phone call, pertaining to be from Google in Sydney, Australia, some 40 minutes later. So far, so relatively straightforward and easy to avoid. Then, almost exactly a week later, the fun started in earnest—another notification request for account recovery approval followed by a telephone call 40 minutes later. This time, Mitrovic didn’t miss the call and instead picked up: an American voice, claiming to be from Google support, confirmed that there was suspicious activity on the Gmail account.

Forbes Daily: Join over 1 million Forbes Daily subscribers and get our best stories, exclusive reporting and essential analysis of the day’s news in your inbox every weekday.Sign Up

By signing up, you agree to receive this newsletter, other updates about Forbes and its affiliates’ offerings, our Terms of Service (including resolving disputes on an individual basis via arbitration), and you acknowledge our Privacy Statement. Forbes is protected by reCAPTCHA, and the Google Privacy Policy and Terms of Service apply.

“He asks if I’m traveling,” Mitrovic said, “when I said no, he asks if I logged in from Germany, to which I reply no.” All of this to engender trust in the caller and fear in the recipient. This is when things turned dark fast and really rather clever in the overall scheme of phishing things. The so-called Google support person informed Mitrovic that an attacker had accessed his Gmail account for the past 7 days, and had already downloaded account data. This rang alarm bells as Mitrovic recalled the recovery notification and missed call from a week earlier.

For full story, check it out on Forbes website.

Recommended Posts