The email that a person has with Gmail It is also an access account to the services of Googlewhich in case of robbery increases the risk that a cybercrime be done with its entire digital life, a threat that grows with the tools of artificial intelligence (IA).
The use of artificial intelligence in cybercrime is not new, but in recent years it has facilitates the creation of ‘malware’ and increasingly complex and difficult malicious campaigns. The appearance of the generative AI has added an additional degree of realism, supplanting with effects of trusted organizations, and even successfully simulating the voice and image in manipulated calls and video calls or ‘Deepfakes’.
These are tools that can be found for a reduced price in the world of cybercrime. According to the report ‘State of the Scamiverse 2025 ′ of McAFee, scams based on’ Deepfakes’ can be created for 5 dollars in less than ten minutes.
From Malwarebytes Labs they warn of the threat of the combination of these technologies in AI in the campaigns directed against Gmail users, in what they have shared as an example of what is expected to be the attacks with the aghe or based on agents .
“Often, these begin with a call to users, stating that their Gmail account has been compromised. The objective is to convince the objective of providing criminals with the user’s Gmail recovery code, claiming that it is necessary to restore the account, ”they explain in their official blog. It is usually accompanied by an email, which appears in a very realistic way to proceed from an authentic Google domain.
“With the recovery code, criminals not only have access to the Gmail of the objective but also to a large amount of services, which could even result in an identity theft,” they warn from this cybersecurity firm.
Therefore, and to avoid falling into this type of scams, they recommend being attentive to the ’emails’ and SMS that arrive without being requested, especially if they have a link, because clicking on it could suppose the discharge of ‘malware’.
They remember that you do not have to provide personal data on websites, unless you have the certainty that they are legitimate, and recommend reinforcing the safety of access credentials with a password manager and with the implementation of double factor authentication.