New Phishing Threat Targets Gmail Users

The Vietnam Cyber Emergency Response Center (VNCERT/CC), part of the Ministry of Information and Communications, has raised an alert regarding a novel phishing technique that employs AI and spoofing for the theft of Gmail credentials.

VNCERT/CC reports a widespread, sophisticated phishing effort that leverages AI and spoofing technologies to compromise users’ Gmail accounts. This scam involves fraudulent emails and calls that imitate Google, using artificial intelligence to craft convincing communications designed to deceive users into divulging their login details.

The scammers dispatch deceptive emails that seem to originate from Google, instructing users on how to supposedly recover their accounts. These emails include links leading to counterfeit websites that are made to resemble the genuine Gmail login interface, where they collect the victim’s login information.

Around 40 minutes post-email, victims receive a phone call from an individual impersonating a Google support representative, warning about suspicious activity detected in their Gmail account. To enhance their credibility, the fraudsters use AI-generated voices and software to spoof phone numbers, giving the call an authentic feel.

VNCERT/CC experts caution that this emerging phishing tactic poses a significant threat to Gmail users globally, putting their login details and personal information at risk. Users and system administrators are encouraged to be vigilant when receiving calls that seem to be from Google and to meticulously verify the sender’s email before taking any action.

If you suspect foul play, it’s important to avoid sharing any sensitive information via phone or email.