Approximately Two Billion Individuals Face Potential Deception Due to Recent Scam
Fraudsters Masquerading as Google Workers are on the Rise
Users of the "Gmail" email service should remain cautious as fraudsters are increasingly posing as Google employees. Even a professional from Microsoft's security services stumbled upon the latest scheme. Utilizing sophisticated technology, such as artificial intelligence and automated processes that can respond to speech, these criminals aim to obtain personal information from their victims. The intended use of this information is currently unclear, but with over two billion users, any misuse could have significant consequences in online shopping or contract commitments should the data fall into the wrong hands.
The new method employed by scammers is crafty and difficult to discern. As reported by Microsoft expert Sam Mitrovic in his blog, he initially received an email requesting him to verify a login attempt. Being a common occurrence in online scams, Mitrovic dismissed it as such. Approximately three-quarters of an hour later, his phone rang, with "Google Sydney" claimed to be the caller, but Mitrovic overlooked the call and soon forgot.
A week later, Mitrovic received the same email once more. And, about 40 minutes later, he answered the phone. An American voice, polite and professional, was on the other end. This wasn't surprising to Mitrovic, given that he also resides in Australia.
The "Gmail" Scam: How Criminals Operate
The supposed Google employee inquired if Mitrovic was traveling at the time. An alleged login attempt had originated from Germany. "He claimed that someone had gained access to my account for a week and had downloaded the account data (I then recalled the notification from a week ago)," Mitrovic described the situation. This was intended to instigate him into acting impulsively and disclosing his password confirmation code. Mitrovic then searched for the phone number that had contacted him and discovered that it was actually linked to Google in Australia, as per the company's official website.
Mitrovic requested his conversation partner to send an email to validate the process. A moment passed before he found it in his inbox. "At first glance, the email appeared genuine - the sender was from a Google domain," the internet specialist noted. However, he also noticed a secondary email address in the "To" field that was not affiliated with Google - a red flag!
Soon after, Mitrovic experienced another development: "The caller said 'Hello', I ignored it. About 10 seconds later, the voice said 'Hello' again. At this point, I could identify it as a bot, as the pronunciation and the intervals were too consistent." Mitrovic promptly terminated the call. Upon returning home, he dialed back but received no response - only an answering machine pretending to be "Google Maps".
Identifying the Google-Mail Scam: Exposing the Fraud
When Mitrovic reviewed his device's login activity, he began to suspect something: No login attempt had occurred from Germany. Moreover, he noticed that the supposed confirmation email contained inauthentic details. The sender was not actually Google, and the phone number displayed during the call was manipulated. Mitrovic was, in fact, contacted from a different number.
His Insight: "The scams are growing in sophistication, becoming increasingly convincing, and are being employed on a larger scale. This particular scam was serious enough that it deserved a score of one for effort. Many individuals might fall for it." Mitrovic recommend verifying phone numbers before answering calls and scrutinizing email sender details, especially if they appear dubious. A single click on the sender's details often reveals the true address, and it's essential to be cautious if Google claims to have contacted you - unless you have a business account, such calls are rare.
The scam Mitrovic encountered can be categorized as phishing, as the fraudsters aimed to obtain his personal information. Despite recognizing the initial email as a common online scam, Mitrovic fell victim to the phone call, demonstrating how convincing these scams can be.
