In recent days, numerous Gmail users around the globe have reported receiving deceptive phone calls from individuals posing as Google Support. These calls, powered by AI technology, aim to trick users into disclosing their account credentials, putting their personal data at risk.
The calls, which mimic legitimate Google Support communications, are part of an AI-driven scam designed to gain control of Gmail accounts. Sam Mitrovic, a Microsoft Solutions consultant, was one of the tech-savvy individuals who encountered this scam. Fortunately, he recognized the phishing attempt in time and did not share his account information, resulting in minimal loss.
Given the scale of this threat, with over 2.5 billion Gmail users worldwide, it’s crucial for all users to remain vigilant against this account recovery scam, which seeks to capture sensitive credentials and potentially lock users out of their accounts permanently.
In related news, concerns have arisen regarding Microsoft’s recent acquisition of ChatGPT, developed by OpenAI. Reports suggest that cybercriminals are increasingly using AI tools to create malware, spread misinformation, and execute spear phishing attacks. Proofpoint reported in April that a threat actor known as TA547 utilized AI-generated PowerShell loaders to deploy malware, including the Rhadamanthys info stealer.
Additionally, security researchers from Cisco Talos revealed in November 2023 that a Chinese advanced persistent threat (APT) group, SweetSpecter, has been targeting Asian government organizations to distribute malware and collect intelligence for the benefit of Beijing.
Recently, a hacker group believed to be based in Israel attempted to leverage AI tools, including those developed by ChatGPT, to identify vulnerabilities in Programmable Logic Controllers used in nuclear facilities. This information was allegedly used to infiltrate Iranian nuclear sites.
It’s important for readers of Cybersecurity Insiders to understand that these attacks are not being launched directly through the OpenAI platform. Instead, the software is being exploited by criminals to achieve their malicious goals. The focus should be on the individuals misusing these technologies, as any innovation can be weaponized if it falls into the wrong hands.
Ad