Source: Inc

A new AI-based Gmail account takeover scam has surfaced, catching unsuspecting users off-guard with its sophisticated tactics. IT consultant Sam Mitrovic, who recently encountered this scheme, warns users to be cautious of unusual Gmail recovery attempts followed by suspiciously professional-sounding customer service calls.

The Call That Raised Red Flags

Mitrovic initially received a notification asking him to approve a Gmail account recovery, which he denied. But just 40 minutes later, he got a call from a number that appeared to be Google Sydneyโ€™s official line. He declined the call but felt uneasy. A week later, another recovery attempt was made, followed by another callโ€”this time from a number in Australia. Curious, Mitrovic answered.

The caller was โ€œpolite and professional,โ€ claiming that his account had been accessed illegally and his data downloaded. This alarmed Mitrovic, reminding him of the previous incident. The call seemed legitimateโ€”so much so that when Mitrovic asked for confirmation, the number and email he received matched Google Australia’s support team.

Has anybody seen this scam before?Asking to add a random email to my Instagram account to โ€œverify my identity?โ€ : r/Scams
Source: Reddit

How to Stay Safe from Sophisticated Scams

However, Mitrovicโ€™s diligence paid off. After carefully checking the emailโ€™s details, he noticed that the email was not from an official Google domain but a cleverly disguised fake. He also found no signs of unusual logins in his account history. Thatโ€™s when Mitrovic realized the call wasnโ€™t genuineโ€”the voice, while seemingly perfect, was too flawless. The caller wasnโ€™t a real person but an AI-generated voice designed to imitate Googleโ€™s support.

This scam leverages common phishing tactics like spoofing phone numbers and email addresses, making it harder for even tech-savvy individuals to identify. The end goal is usually to capture login details through fake login portals or even use “cookie-stealing malware” to bypass two-factor authentication.

Gmail's new security update that's going to protect from โ€ฆโ€ฆ | by SIDDARDA GOWTHAM JAGABATHINA | Medium
Source: Gotham

Mitrovicโ€™s experience serves as a reminder of the increasing sophistication of cybercriminals. He advises users to remain vigilant, double-check email addresses and phone numbers, and never act impulsively during unexpected recovery attempts. Seeking help from trusted sources when in doubt can save you from falling victim to these kinds of scams.

Stay tuned to Brandsynario for latest news and updates.

Usman Kashmirwala
Your thoughts are your biggest asset in this world and as a content writer, you get a chance to pen down these thoughts and make them eternal. I am Usman Kashmirwala, apart from being a movie maniac, car geek and a secret singer, I am a guy lucky enough to be working in a profession that allows me to showcase my opinions and vision to the world every day and do my little part in making it a better place for all of us.