Red alert warning for Gmail users as experts say it could be ...

The new AI-powered email scam is fooling even the most eagle-eyed Gmail users with crooks using a range of tactics to try and steal personal data and gain full access into accounts

Gmail users are being warned about a new scam doing the rounds. The sophisticated and "devastating" hack is using a new tactic to try and steal personal data and gain full access to accounts.

AI is being used to dupe unsuspecting email holders, and it's alarmingly easy to see why some are falling prey.

The FBI originally flagged this emerging threat back in May with warnings about an uptick in Artificial Intelligence scams, triggered by alarming instances where individuals suffered financial and identity theft at the hands of cyber felons.

Special Agent in Charge Robert Tripp warned at the time: "Attackers are leveraging AI to craft highly convincing voice or video messages and emails to enable fraud schemes against individuals and businesses alike. These sophisticated tactics can result in devastating financial losses, reputational damage, and compromise of sensitive data."

And the situation has only escalated since, with even more people becoming targets. Now, cybersecurity team Malwarebytes is stepping up with fresh advice, outlining red flags and protection strategies for users, reports the Mirror.

Here’s how the cons unfold. Victims first receive calls alleging that their Gmail accounts are under attack. Soon after, they’re hit with a fraudulent but convincingly real email, seemingly dispatched from Google itself.

Malwarebytes has sounded the alarm on a new scam targeting Gmail users, warning that the aim is to trick individuals into handing over their recovery codes. "The goal is to convince the target to provide the criminals with the user's Gmail recovery code, claiming it's needed to restore the account," Malwarebytes explained.

Victims of this scam risk not only losing access to their Gmail but potentially falling prey to identity theft. Sam Mitrovic, a Microsoft solutions consultant who experienced an attempt first-hand and blogged about it, received a notification for a Gmail account recovery which was quickly followed by a seemingly legitimate call about suspicious activity on his account.

He sensed something was amiss and disconnected the call. "The scams are getting increasingly sophisticated, more convincing and are deployed at ever larger scale," said Mitrovic.

"People are busy and this scam sounded and looked legitimate enough that I would give them an A for their effort. Many people are likely to fall for it."

The FBI has also issued a caution regarding unsolicited emails and texts leading to fake websites designed to steal credentials. Malwarebytes advises extreme caution if you receive such communications from Google, as they could be part of a phishing scheme.

They have offered advice to help users protect themselves against these AI-driven Gmail phishing attacks.

• Never click on links or download files from unexpected emails or messages.

• Don't enter personal information on a website unless you are certain it is legitimate.

• Use a password manager to autofill credentials only on trusted sites.

• Monitor your accounts for signs of unauthorised access or data leaks.

• Verify security alerts by visiting your Google Account page directly instead of using links in emails.

• Use multi-factor authentication (MFA) for all accounts• Protect your devices with up-to-date security software (such as Malwarebytes Premium Security), and use text protection and text message filtering on your mobile device.