Gmail Users Warned About New Account Takeover Scam: Here's What To Look For

A security researcher and a technology startup CEO are warning Gmail users about a sophisticated AI-based phishing scam that could lead to account takeover. The scammers claim to be Google Support, using an AI-generated voice and a caller ID that matches, but is not verified. They tell the victim that they need to verify their identity due to a death certificate filed for a family member trying to recover the account. The scammers then ask the victim to allow password recovery, which would give them access to the account. IT consultant Sam Mitrovic reported a similar scam attempt targeting Gmail accounts, where he received a notification to approve an account recovery and a subsequent phone call with an AI-generated voice. Mitrovic noted that the scam sounded and looked legitimate, but he was able to identify it as a scam due to several red flags, including the fact that he did not initiate the account recovery and the email address was not connected to a Google domain. The scammer's email also had a spoofed address and a reverse number search showed that others had received the same scam call. Mitrovic warned that the scam is sophisticated and could trick many people, and advised users to be vigilant and do basic checks to avoid falling victim. Garry Tan, CEO of Ycombinator, also warned about the scam on social media, advising users not to click yes on the dialog box. The Epoch Times contacted Google for comment but received no response. The scam highlights the increasing sophistication of phishing scams and the need for users to be cautious when receiving unsolicited calls or emails.