This Gmail account takeover scam can fool the best of us


Google Search on smartphone stock photo (4)

Edgar Cervantes / Android Authority

TL;DR

  • AI technology is enabling increasingly sophisticated scams, including a Gmail takeover scheme where scammers impersonate Google.
  • IT consultant Sam Mitrovic encountered this scam, receiving a spoofed call and email that appeared legitimate but contained subtle red flags.
  • Users are urged to be vigilant and take steps to secure their accounts, such as changing passwords and enabling two-factor authentication.

With AI assistants and tools now widely accessible, scams are getting even more sophisticated. One such Gmail takeover scam is currently going around, wherein users are tricked into thinking they are interacting with Google. The scammers even spoof Google phone numbers and email addresses for the sake of credibility.

Sam Mitrovic, an IT consultant focused on Microsoft security, reports that he was the target of this scam. It started with him receiving a notification to approve a Gmail account recovery attempt. The request originated from the US. When he denied it, he received a call from an Australian number with a Google caller ID. He ignored the call and forgot all about it. A week later, the same thing happened again, and this time, he picked up the call. An American voice greeted him, with the individual claiming he was from Google and that the company had noticed suspicious activity on his Gmail account. When Mitrovic Googled the phone number from where the call originated, he found it in Google’s official list of numbers from where people can expect to receive calls from Google Assistant.

The caller then told Mitrovic that he had sent him an email. The email also seemed to originate from a Google domain. However, some minor sleuthing revealed a non-Google email address in the “To” field of the email. The email address was cleverly named “GoogleMail at InternalCaseTracking dot com.” This immediately concerned Mitrovic, who later also realized that the Google representative he was speaking with was using an AI voice.

Google email scam gmail takeover

Ultimately, Mitrovic did not fall for the scheme, but this isn’t the first time someone has reported the fraud. It seems incidents like these involving spoofed Google numbers and email addresses have been going on for a while. Others have reported receiving similar AI scam calls on Reddit.

These scam attempts should serve as a warning to readers to be extra vigilant on emails and calls. If you receive a call about suspicious activity on your Gmail account, be sure to investigate it thoroughly before taking any action. If you suspect that your Gmail account has been compromised, you can take the following steps to secure it.

  • Change your Gmail password immediately.
  • Enable two-factor authentication for your Gmail account.
  • Be wary of any emails or calls asking you to provide your personal information or click suspicious links.

You can also find tips on recovering your Google account if it’s hacked here.



Source link