Hackers are now targeting Gmail account holders with “ultra-realistic AI scam calls” that can fool even the most experienced users With more than 25 billion Gmail users, according to Google figures, it is no wonder that hackers are targeting Google's messaging platform with increasingly sophisticated phishing attacks

Sam Mitrovic, a solutions consultant at Microsoft, noted the scam in a blog post detailing what recently happened to him This is a fairly common phishing technique that aims to send users to a fake login portal and quietly obtain their credentials Mitrovic did not fall for it and refused the request About 40 minutes later, he received a notification that he had missed a call claiming to be from Google Sidney

A week later, he received another notice requesting authorization to restore his account As before, about 40 minutes after he refused, he received another call This time he picked up the phone and an American man claiming to be from Google Support answered the call The man confirmed that there had been suspicious activity on his Gmail account and claimed that attackers had accessed the account for a week and downloaded account data Mitrovic recalled the notification a week earlier, which he said set off alarm bells

During the call, Mitrovic looked up the caller's phone number, and a Google search revealed that it was a legitimate number from a Google business page Still, knowing that scammers often use this trick to hide the caller's origin, he remained skeptical and asked the supposed contact person to send him an email to confirm that the call was genuine When the message arrived in his inbox, it appeared to be genuine, except that one of the addresses in the “To” field was a cleverly spoofed non-Google domain But the biggest takeaway came next:

“The caller said hello, I ignored it, and about 10 seconds later said hello again,” Mitrovic wrote At this point, the pronunciation and spacing were so perfect that we released it as an AI voice”

At that point Mitrovic realized it was a scam and hung up But it is frightening to think what would have happened if he had authorized the account recovery notification or given his credentials to the caller and allowed the scammer to stop taking control of his account

“The scam is getting more sophisticated, more convincing, and deployed on an increasingly large scale,” Mitrovic explained He added, “People are busy and this scam sounded and looked legitimate enough, so I want to give them an A for effort A lot of people could fall for it There are many ways to fight scammers, but on a personal level, the best way is to be vigilant, to do basic checks like the ones above and to seek help from people you trust"

Earlier this week, Google announced that it is partnering with the Global Anti-Scam Alliance (GASA) and the DNS Research Federation (DNS RF) to combat online fraud The initiative, called the Global Signal Exchange, is designed as an information-sharing platform to generate real-time insights into fraud, scams, and other cybercrime and shed light on the facilitators of cybercrime

In a blog post, Amanda Story, Google's senior director of trust and safety, said the joint venture will “leverage the strengths” of GASA's stakeholder network and DNS RF's data platform of more than 40 million signals to “leverage fraud signal exchange, enabling us to more quickly identify and stop fraudulent activity across different sectors, platforms, and services,” he explained

The engine behind the Global Signal Exchange runs on Google Cloud and “allows participants to share and use signals collected by other participants, while the AI capabilities of the Google Cloud Platform discover patterns and smart matching,” Story said

Phishing scams are one of the most common ways hackers try to steal your personal and financial information Unlike malware or malicious apps, phishing scams do not require you to install software or take any other action that would indicate a sign of danger Instead, hackers trick you into clicking on a link or downloading an attachment

That's why it's important not to be hasty when checking your inbox Scammers often create a sense of urgency and encourage anxiety and stress to get you to follow instructions before you think too deeply To avoid falling for phishing email tactics, it is important to remain calm and cautious

Hackers often attempt to phish by impersonating popular brands by spoofing a company's email address Watch for obvious red flags such as misspellings and poor grammar, and double-check that the sender's email address and phone number are correct If you are not 100% sure that an email you receive from any company is genuine, be wary

To protect your computer from malware and other viruses that can be transmitted by opening phishing emails, it is important to install the best antivirus software for your PC, Mac antivirus software for your Mac, and Android antivirus It is important to install an application