The danger of attacks against Gmail’s accounts has never been so high. The FBI has issued a New warning about the growing threats of “phishing”which are now driven by artificial intelligence, making them more sophisticated and difficult to detect.
According to experts, these threats can compromise not only email accounts, but also the Google ecosystem linked to them.
Phishing with AI
A recent Hoxhunt report revealed an alarming 49 % increase in phishing attacks that They manage to evade security filters from 2022. In addition, to 4.7 % of these threats are already generated by AI, which allows cybercriminals to create extremely convincing emails.
The report also highlights that 70 % of these attacks use malicious links to compromise user accounts. This highlights the importance of following FBI’s recommendations, Do not click suspicious linksand always verify the authenticity of emails Before interacting with them.
The new hacker tool
A recent discovery of Cyble Research and Intelligence Labs has revealed the use of Open Graph Spoofing Toolkita tool sold on the Dark Web for $ 2,500. This allows the attackers to manipulate metadata to create deceptive links They seem to come from reliable sources. Originally developed for private attacks, it is now being marketed to other cybercriminals.
The Open Graph protocol, created by Facebook to improve the visualization of shared links, is being exploited to make victims trust false pages. This kit allows attackers to customize links and redirections in real time, which makes conventional defenses less effective. Besides, admits collaboration between multiple hackersincreasing its danger.
Tips to protect yourself from online scams
The FBI emphasizes that the best defense is caution. You may receive an email that seems to come from a legitimate company requesting to update or verify personal information, they warn. To avoid falling into these traps, they recommend:
-
Do not click unknown links in emails or text messages.
-
Use a password administrator that avoids the entry of credentials into suspicious sites.
-
Verify manually Any information request directly accessing the official website, without using links provided in messages.
-
Monitor account activity regularly to detect possible unauthorized accesses.
Google has also reinforced its security measures and recommends Gmail users not to respond requests for private information by email or message. If there are doubts about communication, It is best to manually access the Google security page To verify the recent activity of the account.