概要: 詐欺師たちは、AI生成の音声を使ってGoogle担当者になりすまし、セキュリティ専門家サム・ミトロヴィッチ氏のGmailアカウントの認証情報を盗もうとしました。AIを駆使したこのフィッシング詐欺では、偽のGoogle電話番号と偽造メールアドレスが使用され、詐欺行為が本物であるかのように装われていました。ミトロヴィッチ氏は、発信者のプロフェッショナルな態度、AI生成の音声、そしてGoogle関連の電話番号が組み合わさることで、疑いを持たないユーザーを簡単に騙すことができると指摘しました。
Editor Notes: Timeline notes: On October 7th, 2024, Sam Mitrovic, a security expert, is reported to have received an unsolicited Gmail recovery notification and a missed call seemingly from Google. A week later, on October 14th, 2024, Mitrovic is also reported to have received a similar recovery notification, followed by another call, which he answered. Please also refer to Incidents 941 and 942.
推定: Unknown scammers , Google , Gmail と Unknown spoofing technologyが開発し提供したAIシステムで、Sam Mitrovicに影響を与えた
インシデントのステータス
Risk Subdomain
A further 23 subdomains create an accessible and understandable classification of hazards and harms associated with AI
4.3. Fraud, scams, and targeted manipulation
Risk Domain
The Domain Taxonomy of AI Risks classifies risks into seven AI risk domains: (1) Discrimination & toxicity, (2) Privacy & security, (3) Misinformation, (4) Malicious actors & misuse, (5) Human-computer interaction, (6) Socioeconomic & environmental harms, and (7) AI system safety, failures & limitations.
- Malicious Actors & Misuse
Entity
Which, if any, entity is presented as the main cause of the risk
Human
Timing
The stage in the AI lifecycle at which the risk is presented as occurring
Post-deployment
Intent
Whether the risk is presented as occurring as an expected or unexpected outcome from pursuing a goal
Intentional