For enhanced security, users are encouraged to enroll in Google's Advanced Protection Program, which requires passkeys and security keys for identity verification.

Gmail users are currently facing a sophisticated AI-powered scam that utilizes realistic phone calls and emails to compromise their accounts.

The FBI first identified this scam last year, and as incidents have increased, Malwarebytes has issued a fresh alert to the 1.8 billion Gmail users worldwide.

Cybersecurity experts warn that legitimate tech companies, such as Google and Microsoft, will never initiate calls regarding account issues, urging users to remain vigilant.

The scam typically begins with a notification for Gmail account recovery, followed by a convincing phone call from a number that appears to be associated with Google.

Microsoft consultant Sam Mitrovic described the scam as increasingly sophisticated and capable of deceiving busy individuals due to its authenticity.

Scammers exploit emotional psychology, crafting urgent communications that provoke quick reactions from victims without allowing for careful thought.

The scam specifically targets Gmail recovery codes, which are one-time passwords used during the account recovery process, granting full access to Google accounts if stolen.

Scammers often send codes to victims' phones to reset their accounts, mimicking secure authentication procedures to gain trust.

To enhance the scam's credibility, victims simultaneously receive seemingly legitimate emails from authentic Google domains.

FBI Special Agent Robert Tripp highlighted that attackers are using AI to craft convincing messages, leading to significant financial losses and damage to sensitive data.

The FBI warned that AI scams are becoming more sophisticated, allowing cybercriminals to automate the creation of thousands of personalized scam messages.