A significant surge in mobile phishing attacks targeting Gmail and Outlook users has been observed in 2024, with cybercriminals employing increasingly sophisticated methods, including artificial intelligence-powered techniques. The escalation follows a broader trend of AI-enhanced cyber threats that security experts have been tracking since 2023.
A particularly notable threat comes from the Astaroth phishing kit, which targets users of major email platforms including Gmail, Outlook, and Yahoo. The kit uses reverse proxy technology to intercept requests after users click malicious links, directing them to fraudulent login pages. The approach enables man-in-the-middle attacks that capture login credentials, session cookies, and system information including operating system details, device data, and IP addresses.
Astaroth’s sophisticated capability to capture session cookies allows it to intercept two-factor authentication codes immediately after transmission, making it particularly difficult for users to distinguish between legitimate login processes and compromised ones. The attack method is especially concerning as it can bypass traditional two-factor authentication security measures that many users rely on for account protection.
The FBI has identified a new AI-powered phishing campaign specifically targeting Gmail users. The attack begins with a spoofed phone call appearing to come from Google, where the caller claims to represent the company and warns about unauthorized access attempts. The call is followed by a fraudulent email containing a code that, when used, grants attackers access to the victim’s account. The technique represents an evolution of traditional phishing methods, combining voice simulation technology with email-based attacks.
In response, the FBI recommends that users never share login credentials or passwords over the phone and advises disconnecting suspicious calls and contacting companies through official channels. Google has implemented additional security measures, including passkeys and smart keys, and has streamlined its Advanced Protection Program with passkey support, which provides enhanced security for high-risk users.
“Attackers are leveraging AI to create very convincing voice or video messages and emails to enable fraud schemes against individuals and businesses alike,” said FBI Special Agent in Charge Robert Tripp. “These sophisticated tactics can result in devastating financial losses, reputational damage, and compromise of sensitive data.”
The Astaroth kit is being distributed through Telegram and various cybercrime marketplaces, with distributors maintaining anonymity to avoid detection by security personnel. Security experts recommend that users exercise caution when logging into email accounts, verify website URLs, avoid clicking on received links, and maintain updated web security solutions.
According to Acronis research, phishing attacks increased by approximately 200 percent in the second half of 2024, highlighting the persistent threat these campaigns pose as primary infection vectors. The increase matches broader trends in cybersecurity, where mobile-based phishing attacks have become increasingly sophisticated and prevalent.
Sources: Hothardware, Marca, KnowBe4
Follow Us