Gmail Users Alert! AI scammers target Gmail users with realistic spoofing techniques

Cybercriminals are increasingly using AI technology to execute sophisticated scams, primarily targeting Gmail Users. With more than 2.5 billion accounts, Gmail presents an attractive opportunity for scammers who employ a tactic known as “super-realistic AI scam calling,” which can fool even tech-savvy individuals.

Sam Mitrovic, founder of CloudJoy and security expert, recently shared his experience of falling victim to such a scam. He received an email that appeared to be an approval notification for his Gmail account recovery, followed by a call displaying “Google Sydney” on the caller ID.

A week later, he received another recovery notification and a similar phone call from a legitimate phone number listed on the Googlesupport page. The caller claimed that their account had been accessed from abroad for over a week and that personal data linked to the account had been downloaded. An email confirming this problem, coming from a Google domain, further increased the scam’s credibility.

Mitrovic initially suspected foul play and sought validation online, eventually confirming that he was indeed the target of a spoofing attempt aimed at taking control of his Gmail account. The scam employed a legitimate-looking AI voice bot, a spoofed Google domain email through Salesforce CRM, and a phone number identical to Google Workspace support, making it easy to trick unsuspecting users into disclosing your credentials.

Historically, these scams required human resources to make calls, but the advancement of AI voice models has simplified the process, allowing scammers to initiate thousands of calls simultaneously.

To protect themselves against these threats, users should be aware that Google rarely contacts individuals by phone about personal accounts, generally preferring email. If you receive suspicious calls, it is advisable to check the number through platforms such as Truecaller. Regularly reviewing Gmail activity and enabling two-factor authentication (2FA) methods can also strengthen security. Ultimately, surveillance is essential to protecting digital identities as hackers continually refine their tactics to exploit unsuspecting users.