Добавить новость

Мультижанровый фестиваль Volvov ManiFest вновь состоится в Москве

В Брянске проходят Всероссийские соревнования по дзюдо памяти Героя России О.С. Визнюка

Малыши капибары и гориллы родились в Московском зоопарке

На акциях памяти, приуроченных к годовщине убийства Навального, задержали как минимум 26 человек — «ОВД-Инфо»



Новости сегодня

Новости от TheMoneytizer

Don't Fall for This 'New' Google AI Scam

Tech headlines are abuzz this morning about a new AI scam targeting Google users. Forbes published a piece detailing two experiences with scammers, both of which involved likely AI-generated phone calls and multi-step schemes. Here's the thing, though: These scams aren't necessarily "new," and you should be wary of them—whether the actor purports to be from Google or not.

Watch out for these Google Account scams

Forbes' reporting highlights two specific but similar examples of this type of scam: One victim, Sam Mitrovic of Microsoft, received an alert regarding an account recovery request, which, when legitimate, are usually triggered when someone forgets their password. Because unprompted account recovery requests are often malicious in nature, Mitrovic ignore the alert, but received a phone call from "Google Support" just 40 minutes later. Mitrovic ignored this call, too, but soon after, received another alert followed 40 minutes later by a "Google Support" call.

This time, Mitrovic answered, to find a "representative" with an American accent who asked if Mitrovic had traveled recently, particularly to Germany. The answer was no, which lead the representative to warn Mitrovic that someone had been accessing their account from Germany for the past seven days, and had already downloaded data from the account. Mitrovic even googled the phone number "Google Support" was calling from, and found it lead to this official Google Support page. At first glance, you might think that confirms this is actually Google Support, but read the page closer, and you'll see this phone number is the number Google Assistant calls businesses from, not Google Support. This was, in the end, a scam.

Forbes' other example concerns Garry Tan, founder of Y Combinator, who reports he was also targeted in a similar scam. Tan also received a call from "Google Support," claiming that they had Tan's death certificate, and a family member was trying to use it to access Tan's account. Google Support was calling to both confirm that Tan was actually alive, and to share an account recovery request that Tan could use to "confirm" his account was active. That last bit is the real scam: Tan highlights that the account recovery request was definitely fraudulent, as the "device" the request was coming from said Google Support, not an actual device. Someone is spoofing that field, and if Tan had hit "Yes, it's me" on the alert, the attacker would have been able to reset the password on Tan's Google Account.

While it can't be confirmed, it appears the phone calls used in each example were AI-powered. Mitrovic and Tan both confirm the voices were convincing, but in Mitrovic's case, the "caller" said "hello," and, after no response, said "hello" the same way again. That, coupled with perfect pronunciation and spacing, convinced Mitrovic the voice was actually AI—telltale signs of generative AI-powered audio.

In practice, this scam is nothing new

While the news is buzzing about this new type of AI-powered scam, the underlying tactics here are pretty classic. You can protect yourself by knowing what to look out for, whether the attackers use AI or not.

First, big tech companies like Google simply don't call you out of the blue to warn you about a potential security breach with your account. In fact, Google, and companies like it, are notorious for their lack of human-based support in general. If you can't get in touch with a real person when you knowingly need help, there's no shot a Google rep is going to reach out to you first. So, whether it's a convincing AI-powered voice on the other end of the phone, or a pretty terrible human actor pretending to be a live Google representative, receiving a call from a company like this should be a large enough red flag to ignore the situation.

On the flip side, we have the account recovery request. This is a textbook scam method: Trigger an account recovery alert on the user's end, and convince them accepting it means they're confirming their identity. That is simply not what this system is designed for, and it's what hackers are counting on you to fall for. Account recovery requests are supposed to be triggered by you whenever you are otherwise unable to access your account, perhaps in the event that someone has actually hacked your account. You tell Google that, and they send an account recovery request to your attached email address. You open that email, click "Yes, it's me," and you're able to continue on with your account recovery process. No one else is involved in the process, and the request isn't used for any other purpose.

Hackers, however, will pretend to be from Google Support, and say that this account recovery request is just a way to confirm your identity, or that your account is active. However, when you click that "Yes, it's me" button, what you've done is trigger the account recovery process on their end. They now have the power to get into your account, and potentially lock you out of it and steal your information.

Bottom line: If you did not trigger that account recovery alert yourself, it's not legitimate. Do not click on it.

If you're worried about being hacked

If you receive a phone call or a message like this, it's likely a bad actor looking for a phishing victim. Without your input, they will simply move on to another victim. However, it's not a bad idea to run through some steps to make sure your account is actively protected.

Focusing on Google, you can go to your Google Account's Security settings page to review a dashboard of your account's security health. Here's where you'll see all your active sessions, whether Google has any security alerts for you to manage, and settings for things like two-factor authentication, passwords, passkeys, recovery emails, and phone numbers, among others.

If you're worried about your account's current security level, look at your active sessions: This is where you're currently logged into. If you don't recognize a device or a location, you can click on it and sign that device out of your account. Just know if you're using a VPN, or Apple's iCloud Private Relay, you may see sessions from unknown locations on your trusted devices, as these services obfuscate where your actual internet traffic is coming from.

In addition, it's a great idea to change your password every now and then, and ensure you're using two-factor authentication (2FA). That way, if an attacker does figure out your password, you have a secondary authentication step that requires a trusted device—something the attacker likely does not have. Consider setting up passkeys as well, which combined the best of both worlds between passwords and 2FA.

At the end of the day, attackers employing these scams can't actually break into your account themselves—that's why they're targeting you. They need you to click on their malicious links or authenticate yourself on their behalf. So long as your password is strong, and you have other forms of authentication as a backup, the best way to avoid being a victim in these types of scams is to simply ignore them.

Читайте на 123ru.net


Новости 24/7 DirectAdvert - доход для вашего сайта



Частные объявления в Вашем городе, в Вашем регионе и в России



Smi24.net — ежеминутные новости с ежедневным архивом. Только у нас — все главные новости дня без политической цензуры. "123 Новости" — абсолютно все точки зрения, трезвая аналитика, цивилизованные споры и обсуждения без взаимных обвинений и оскорблений. Помните, что не у всех точка зрения совпадает с Вашей. Уважайте мнение других, даже если Вы отстаиваете свой взгляд и свою позицию. Smi24.net — облегчённая версия старейшего обозревателя новостей 123ru.net. Мы не навязываем Вам своё видение, мы даём Вам срез событий дня без цензуры и без купюр. Новости, какие они есть —онлайн с поминутным архивом по всем городам и регионам России, Украины, Белоруссии и Абхазии. Smi24.net — живые новости в живом эфире! Быстрый поиск от Smi24.net — это не только возможность первым узнать, но и преимущество сообщить срочные новости мгновенно на любом языке мира и быть услышанным тут же. В любую минуту Вы можете добавить свою новость - здесь.




Новости от наших партнёров в Вашем городе

Ria.city

Рыбак утонул в пруду в Изобильненском округе

«Наоми не наша семья»: дочь Петра Чернышева от Анастасии Заворотнюк приревновала его к другой женщине 

Захарова: сравнение России с гитлеровской Германией будет иметь последствия

Не слабо: чем интересны соперники сборной в первой половине 2025 года

Музыкальные новости

Безнаказанность Алиева и азербайджанских олигархов России: Москва вновь оплачивает бакинские счета

В Театре Дениса Матросова пройдет премьера спектакля «Комедианты. Осколки шоу-бизнеса»

Концерт органной музыки из цикла «Контрасты эпох» состоится сегодня

Сергей Собянин. Главное за день

Новости России

Дорожное продвижение: 50% такси предлагают обязать иметь детские кресла

Производители бумаги подали в суд на Влада Бумагу и требуют 6 миллионов рублей

Мультижанровый фестиваль Volvov ManiFest вновь состоится в Москве

Петербуржец выломал ногами стекло с целью покинуть трамвай

Экология в России и мире

Концерт Лолиты Милявской отменили в Ульяновске

Безнаказанность Алиева и азербайджанских олигархов России: Москва вновь оплачивает бакинские счета

Из Россию в Турцию запускают регулярный автобусный рейс с недорогими билетами: стали известны цены, маршрут и расписание

Что делать, если в семье есть психически больной — и он отрицает лечение

Спорт в России и мире

Кафельников призвал теннисистов бойкотировать матчи с Синнером

Сафиуллин заменит дисквалифицированного Синнера на турнире ATP в Дохе

Медведев вышел в полуфинал турнира ATP в Марселе

Делрей-Бич (ATP). Давидович-Фокина и Кецманович поборются за титул

Moscow.media

Большинство новых автомобилей в России продаются за 2–3 млн рублей

Депутат Барсов предложил пенсионерам продавать пирожки, если они не хотят мыть машины.

Беспроводной сканер штрих-кодов SAOTRON P05i промышленного класса

Нижегородку осудили за “пьяное” ДТП с гибелью человека











Топ новостей на этот час

Rss.plus






Малыши капибары и гориллы родились в Московском зоопарке

В Брянске проходят Всероссийские соревнования по дзюдо памяти Героя России О.С. Визнюка

Около 1,5 тысячи школьников стали участниками патриотической игры на территории мемориального комплекса на Поклонной горе

"Случайно на суде всё перепутали": юрист заставил навязчивую МФО просить о пощаде