Cyber scams have evolved and now include attacks targeting Gmail users. A new scam has emerged within the Gmail ecosystem, using AI-powered tools to trick people into granting access to their accounts.
According to tech blogger and IT consultant Sam Mitrovic, this scam leverages AI to steal personal data by creating fake account recovery requests. With Gmail servicing over 2.5 billion users globally, these AI-powered scams represent a significant growing threat to digital accounts.
How the Scam Works
In this scam, you may receive an urgent message prompting you to recover your Gmail account—either via email or notification—even though you never initiated such a request. These recovery requests often originate from foreign countries.
Even if you decline the request, scammers may follow up with a phone call from what appears to be an official Google number. Believing the call to be legitimate, users may fall into the trap. The scammer typically warns that your account has been accessed from another country, instilling fear and pressuring you to approve the recovery request. Once you comply, the scammers gain access to your data and can misuse it for fraudulent activities.
In some cases, scammers also place calls using fake Google numbers, speaking in foreign languages and urging you to act quickly on your email. AI-generated emails and logos make these communications appear more convincing, further increasing the chances of falling victim to the scam.
How to Protect Yourself
Though it can be difficult to identify this scam, Mitrovic offers several tips to stay safe:
Never accept unknown account recovery requests. If you receive one, contact Google’s official helpline for assistance.
Verify the caller’s phone number. Google rarely makes direct calls for business-related matters. Always double-check the legitimacy of unsolicited calls.
Check email authenticity. Scam emails often have subtle differences from real ones, such as variations in the ‘To’ field or slight formatting errors.
Keep Gmail updated. Regularly monitor your email for any suspicious activity and updates.
By staying vigilant and following these precautions, you can significantly reduce your risk of falling victim to AI-based phishing scams. Always be cautious, double-check unusual account activity, and don’t hesitate to contact Google directly if you’re uncertain about any communication.