Cybersecurity experts have issued a 'red alert' to all 1.8 billion Gmail users over a dangerous new scam.
Another scam is doing its rounds, but not on WhatsApp or iPhones per se, this one has targeted users of Google Mail.
Hackers have developed a new scam that combines AI-generated deepfake robocalls with fake phishing emails. These calls and emails are capable of bypassing security filters so appear legit at first look.
Advert
The goal is to convince users that their account has been compromised and 'to provide the criminals with the user's Gmail recovery code, claiming it's needed to restore the account,' the experts explained.
It starts off with a phone call that informs you of suspicious activity on your account.
Users are then told an email will shortly follow with steps to 'rectify' the issue. But the email is completely fake.
Advert
Scarily enough, the email includes a website that looks identical to Google's login page in the hope that unsuspecting victims enter their credentials.
And as a result, hackers receive full access to your Gmail accounts.
But it's not just an email account we're talking about here. Losing access to your Gmail account could mean you lose access to all the other services connected to the platform.
"These sophisticated tactics can result in devastating financial losses, reputational damage, and compromise of sensitive data,' the FBI stated.
Advert
Cybersecurity company Malwarebytes confirmed that while the 'elements used in the attacks are novel, the combination might make the campaign extremely effective' and as such, the FBI's warning 'should not be taken lightly.'
They added: "This is especially because the AI tools that cybercriminals have at their disposal are relatively low cost: In one study, researchers found that the cost of advanced and sophisticated email attacks starts at just $5."
To stay safe and avoid falling victim, Malwarebytes has also issued guidelines for Gmail users.
Advert
The researchers urged users to never click on links or download files from unexpected emails - even if they seem urgent. Also, never enter personal information or login credentials on a site unless you’re 100% sure it’s legitimate.
"Use a password manager to autofill credentials only on trusted sites," the company added. "Monitor your accounts for signs of unauthorized access or data leaks."
Elsewhere, the FBI also warned iPhone and Android users about a string of new scams targeting bank accounts and personal data.
Always be on your guard and if you get a suspicious call claiming to be from a trusted company, hang up immediately and contact the official company.