Verified Email Threat, Costly Ransomware Attacks, Deepfake Audio Shock

Hey people! Hope you all are safe and sound, away from the clutches of the cybercrooks.

It is week 4, and we are here with the 4th cyber bulletin of the month. This week, we will talk about the latest flaw in Google’s email system. Also, we will have a look at the expenses of ransomware attacks on banks. Lastly, we will talk about the intricacies of AI-generated deepfake voices.

Let’s not waste any time!

Scroll down and get started.

Google warns Gmail users against malicious emails from verified IDs!

Gmail users, this one is for you!

Recently, Google has detected a flaw in its email system, because of which threat actors are trying to carry out phishing attacks even from verified emails. Google is currently working on the utmost priority to fix the issue.

These malicious emails are difficult to detect, as they appear to be originating from legitimate domains. Through these emails, the cyberattackers try to convince Gmail users to share their account credentials. While Google is trying to come up with an instant solution, the tech giant has urged Gmail users to stay vigilant.

Software developer Nick Johnson shared his experience on X. He received an email that seemed to be coming from “no-reply@google.com.” The link in that email claimed to take users to one of the Google support pages. However, Nick realized that this malicious link would direct users to a phishing site on “Google’s own platform.”

The concerning part is that this malicious email was able to go undetected despite email authentication checks such as SPF, DKIM, and DMARC. Also, the email was delivered within the same thread in which Gmail had been sending genuine security alerts. The phishing email campaign has been designed to collect the user credentials and thereby gain complete access to Gmail accounts and other related data.

Google is currently working to find a quick and permanent fix for this issue. It has also urged Gmail users to go for two-factor authentication and leverage passkeys to bolster their email systems.

Ransomware attacks cost banks as much as $6.08 million, leading to severe downtime and reputational damage

Global financial institutions are facing a staggering upsurge in ransomware attacks. As per a recent discovery, a single ransomware attack may cost a bank as much as $6.08 million on average. This excludes any charges that are required to bring in the cybersecurity upgrades and regulatory expenses. 

Another major repercussion of ransomware attacks on financial organizations is operational downtime and reputational damage. Both lead to severe loss of credibility and customer trust. Also, in the long run, it may have a negative impact on stock prices.

Over the last couple of years, ransomware attacks have emerged as one of the major threats to the financial sector. In 2024 alone, cybercrooks managed to carry out a whopping 3348 attacks globally on banks and other financial institutions.

To curb this situation, regulatory bodies are doubling down with stringent cybersecurity norms and regulations. For instance, now the banks are required to inform authorities about a cyberattack within the first 36 hours of the incident. Any leniency in compliance will further put a strain on finances because compliance failure will lead to substantial fines. 

Deepfake voices can sound more real than you think!

Deepfake voices are increasingly becoming a major cause of concern. Threat actors use deepfake voices to manipulate you into sharing personal details, which they can later use to gain access to your network and systems. The worst part is that AI-generated deepfake voices are getting real with time. More and more people are now finding it hard to tell apart deepfake voices from human ones.

With time, AI is continually improving, and the eerie similarity between these deepfake voices is definitely a cause for concern. Deepfake voices can mimic that accent, initiate realistic conversations, and even incorporate brief pauses and whispers to sound more authentic. 

As AI gradually improves at replicating human voices, here’s what cyberexperts suggest to help you spot a deepfake voice.

Lack of coherence in speech

Deepfake voices are often not conversational enough. You will see that gap, that unnecessary jump from one topic to another. The natural flow that you generally experience while talking to your loved ones will be missing.

So, if you hear unusual background noise, then it is highly likely that it is a deepfake voice. Also, listen carefully and be alert if you hear mispronounced words or slurred speech. Pay extra attention if you hear them stumbling over certain phrases.