A sophisticated artificial intelligence (AI) powered attack on Gmail has been confirmed, the latest in a series of threats against Google users. This particular attack involved an AI posing as a Google support technician, calling from a number listed on Google’s website. The AI warned the individual that their Google account had been compromised and was temporarily blocked. It then sent an email from a genuine Google domain and provided a code to reset the account. The attack was detected by Zach Latta, founder of Hack Club, who identified it as an AI-driven attack.
Similar AI-powered attacks were first reported in October, with this recent incident following a similar pattern. This highlights the need for Gmail’s 2.5 billion users to remain vigilant. Cybersecurity experts advise a proactive and flexible approach, including regular security assessments, threat intelligence, and incident response planning.
The sophistication of these AI attacks challenges traditional phishing mitigation advice. Victims have reported that the AI sounds like a real person, with a clear connection and accent. The AI even primes the target with notifications of compromise days before the actual attack. The recent target, a security consultant, managed to avoid falling prey to the attack, but it underscores the evolving threat landscape.