Associated Incidents
A major cyber security threat targeting Gmail users worldwide has been identified. This scam uses artificial intelligence (AI) to create highly convincing deepfake robocalls and e-mails designed to trick victims into revealing sensitive information. The combined tactic effectively mimics legitimate communications from Google and makes users believe their accounts have been compromised.
Victims received a phone call warning them of suspicious activity in their accounts and get redirected to an e-mail with instructions on how to fix the problem. The e-mail contains a link to a website that looks a lot like Google's official login page and asks users to enter their credentials. The ultimate goal of this campaign is to obtain the victim's Gmail recovery code, giving hackers access not only to their e-mail account, but also to all other services associated with it.
Cyber security experts warned that such malpractice can lead to a variety of consequences for victims, including financial losses, reputational damage and compromise of sensitive personal data. The FBI has emphasised the seriousness of this threat by pointing out the sophisticated tactics of cybercriminals who use readily available AI tools to carry out these attacks at relatively low cost.
In addition to the Gmail threat, a separate scam has surfaced that targets iPhone and Android users and uses spoofed caller ID to impersonate legitimate organisations such as banks and law enforcement agencies. Victims may receive phone calls purportedly from these institutions trying to extract personal or financial information. Users have been advised not to give out information over the phone unless they independently verify the caller's identity.
Business AM