AI-Driven Phishing Scam Targets Gmail Users

This event describes a realized fraud scheme in which generative AI–produced voices are directly used by attackers to deceive victims and cause financial loss. The misuse of an AI system (voice cloning) has led to actual harm (drained savings), meeting the criteria for an AI Incident.

Hackers are using generative AI to produce super-realistic phone calls as part of an active phishing scheme targeting billions of Gmail users. The AI system’s misuse directly attempts to harm users by stealing credentials, qualifying it as an AI Incident.

While the AI-driven phishing calls have been deployed and target users, no actual theft or account compromise was reported in the described incident—Mitrovic successfully resisted the scam. The piece mainly warns of the tactic’s potential to drain accounts if victims comply. Therefore, it documents a credible risk of harm from AI misuse (a “near‐miss” phishing attempt) rather than a realized AI‐caused incident.

The article describes a real malicious use of AI for fraud where attackers employ AI-generated calls and crafted emails to deceive users into handing over credentials, resulting in financial loss. This constitutes direct harm caused by an AI system.

Scammers are using generative AI to create synthetic voices in real-time calls to deceive targets into clicking malicious links. This is a concrete example of malicious use of an AI system causing attempted fraud and potential harm, fitting the definition of an AI Incident.

The event involves an AI system used maliciously to generate a convincing voice impersonation in a phishing scam. This use of AI directly contributes to an attempt to harm individuals by fraudulently accessing their accounts, which fits the definition of an AI Incident due to the direct link between AI use and the harm attempt. The harm (attempted fraud and potential data theft) is realized as the scam is actively targeting users, even if this particular victim avoided loss. Therefore, this is classified as an AI Incident.

The article explicitly mentions the use of AI-generated voice in phishing calls, which directly contributes to the scam's effectiveness and the risk of harm to individuals' digital security and privacy. The AI system's involvement is in the use phase, enabling the scammer to produce convincing calls that increase the likelihood of successful fraud. The harm is to individuals' security and privacy, fitting the definition of harm to persons or groups. Hence, this is an AI Incident rather than a hazard or complementary information.

The event involves the use of AI systems to generate spoofed communications that deceive users, leading to harm through theft of sensitive information, which constitutes harm to persons. The AI system's use in the scam is a direct contributing factor to the harm. Therefore, this qualifies as an AI Incident.

The event involves malicious use of an AI system (voice synthesis) that directly led to unauthorized access and data theft from a user’s Gmail account—a clear harm to individuals. Therefore it qualifies as an AI Incident.

Malicious actors are actively using an AI system to clone Google’s customer-service voice in phone calls combined with phishing emails, directly aiming to gain unauthorized access to personal accounts. This is a realized harm (attempted data theft and privacy violation) caused by AI misuse.

Scammers are explicitly using an AI voice system to impersonate Google support, which directly facilitates fraudulent access to personal data. The misuse of AI in these calls is a direct cause of the harm (identity theft, data compromise) to Gmail users, constituting an AI Incident.

This is a realized malicious use of an AI system (deepfake audio generation) to deceive users and steal credentials, directly contributing to fraudulent harm. Therefore it qualifies as an AI Incident.

This is a real‐world phishing attack using AI voice generation to impersonate Google. The attackers have already initiated contact and set the stage for credential theft, representing a realized malicious use of AI with direct potential for harm (account compromise, data loss). This meets the definition of an AI Incident.

This is a realized, malicious use of AI systems—specifically voice-synthesis and automated document generation—to carry out deception and defraud users. The AI’s role is pivotal in making the scam convincing and in bypassing security filters, constituting an AI Incident with direct harm to users’ accounts and privacy.

The article reports an active phishing attack using AI-generated voices and messages that has already been deployed against users (e.g., Sam Mitrovic), causing or intending to cause identity theft and fraud. Because the AI system’s misuse has directly led to a harmful outcome, it constitutes an AI Incident.

The event involves the use of an AI system (an AI voice bot) in the malicious use phase to conduct phishing attacks that directly harm users by stealing credentials and personal data, which constitutes a violation of rights and harm to individuals. The AI system's role is pivotal in the attack's sophistication and success. Therefore, this qualifies as an AI Incident due to realized harm caused by the AI-enabled phishing attack.

The article explicitly mentions the use of an AI-generated voice to impersonate a Google employee in a scam targeting Gmail users. The AI system's use directly led to an attempted theft of Google account credentials, which is a harm to individuals' rights and security. The scam is active and has affected users, fulfilling the criteria for an AI Incident. The AI system's role is pivotal in making the scam convincing and effective. Hence, this event is classified as an AI Incident.

The event involves the use of an AI system to generate a highly realistic voice to deceive a person into giving access to their Gmail account. This use of AI directly contributes to a harmful scam targeting personal data, which is a violation of rights and privacy. The scam is active and has caused harm or attempted harm, meeting the criteria for an AI Incident. The AI system's role is pivotal in making the scam difficult to detect and thus enabling the harm.

The article explicitly mentions the use of an AI system capable of mimicking human voices to conduct fraudulent calls as part of a phishing scheme. This AI-enabled attack directly leads to harm by attempting to steal user credentials and personal data, which is a violation of users' rights and security. The harm is realized or ongoing as users are actively targeted and deceived. Therefore, this qualifies as an AI Incident due to the direct involvement of AI in causing harm through malicious use.

The event involves an AI system (AI-generated synthetic voice) used maliciously to impersonate support agents in a phishing scam. This AI-enabled attack has directly led to harm by deceiving users and stealing credentials, which is a violation of rights and causes harm to individuals. Therefore, it qualifies as an AI Incident. The article also discusses mitigation efforts, but these are complementary to the main incident of harm caused by the AI system's use in the attack.

The event involves the use of AI systems to generate realistic human-like voices and automate social engineering attacks, which directly lead to harm by compromising personal data and financial security. The scam has already been deployed and caused harm or near harm to individuals, fulfilling the criteria for an AI Incident. The article does not merely warn about potential harm but reports on actual occurrences of harm facilitated by AI.

The event describes a concrete phishing incident in which cybercriminals used AI-generated voices and fraudulent emails to impersonate Google Support and trick users into divulging account credentials. The AI system’s outputs were central to the scam and directly contributed to attempted harm (credential theft). Therefore, it qualifies as an AI Incident.

Criminals are using AI-powered deepfake audio in voice calls, directly leading to fraudulent phishing attacks. The harm (financial fraud risk) is materializing now, as illustrated by the near-victim experience of a Microsoft consultant and reports from businesses encountering deepfake scams. This meets the criteria for an AI Incident.

The scammers are actively using AI (voice generation) to trick victims, leading directly to account takeovers and theft of personal information. This is malicious use of AI with realized harm to users’ property and privacy, fitting the definition of an AI incident.

Scammers are using AI (voice synthesis) to impersonate Google representatives, directly leading to unauthorized access and harm to users’ account security. This constitutes an AI Incident, as the misuse of AI has directly caused real injury (account compromise and potential further fraud).

The article describes a real, ongoing scam where hackers use AI to generate human-like phone calls and phishing emails to extract credentials from Gmail users. The AI system’s malicious use has directly led to impersonation and potential theft of personal information, constituting a realized harm. Therefore, this qualifies as an AI Incident.

Attackers are already deploying an AI system (generative voice synthesis) to carry out social engineering calls that aim to steal credentials and hack Gmail accounts. The AI’s use in the scam is central to the harm (credential theft, account compromise), demonstrating a realized AI-enabled attack rather than a potential hazard or mere contextual update.

The article describes a realized malicious use of AI systems to craft sophisticated phishing attacks that directly cause harm (account takeover, data theft). This qualifies as an AI Incident because the AI’s use is pivotal to the incident and harm has occurred or is occurring.

The article explicitly mentions the use of AI to power sophisticated phishing scams that have already victimized many Gmail users, indicating realized harm to individuals through deception and potential account compromise. The AI system's involvement is in the use of AI-generated calls and email spoofing to perpetrate the scam, which directly leads to harm to users' security and privacy. Therefore, this qualifies as an AI Incident due to direct harm caused by the AI system's use in the scam.

The event involves the use of an AI system (machine learning models generating phishing emails and calls) whose use has directly led to harm or risk of harm to a large number of people by facilitating phishing attacks. The harm includes potential injury to users' privacy and security, which falls under violations of rights and harm to individuals. Since the attack is ongoing and actively putting users at risk, this qualifies as an AI Incident rather than a hazard or complementary information.

The article explicitly mentions the use of advanced voice AI technology to impersonate Google support in phishing scams targeting Gmail users. This AI-enabled scam has already caused harm by deceiving users and attempting to steal personal information, which constitutes harm to individuals' rights and security. Therefore, this event qualifies as an AI Incident because the AI system's use in the scam has directly led to realized harm through fraudulent activity and potential data compromise.

The scam explicitly involves AI in the form of an AI-generated voice used to impersonate a Google employee during phone calls. The AI system's use is central to the scam's effectiveness and the harm it causes, which is unauthorized access to Gmail accounts. This constitutes a direct harm to individuals' property and privacy, fitting the definition of an AI Incident. The harm is realized or ongoing as the scam is actively targeting users and has already affected at least one security expert. Therefore, this event qualifies as an AI Incident rather than a hazard or complementary information.

The event involves the use of AI systems (AI-generated voices) in the scam's operation, which directly leads to harm by enabling unauthorized access to personal accounts and potential data breaches, constituting harm to individuals' privacy and security. Therefore, it qualifies as an AI Incident because the AI system's use has directly led to realized harm through fraudulent activities and data compromise.

The event involves the use of an AI system (generative AI for voice deepfakes) in the scam, which directly led to harm by attempting to deceive the victim and potentially others, causing financial and informational harm. The AI system's involvement is explicit and central to the incident. The harm is realized (not just potential), as victims have lost money and been tricked. This fits the definition of an AI Incident because the AI system's use directly led to harm to persons and communities through fraud and deception.

The article explicitly mentions the use of AI to power phishing scams that have already affected many users, indicating realized harm through deception and potential account compromise. The AI system's involvement is in the use of AI-generated calls and email spoofing to perpetrate the scam. This meets the criteria for an AI Incident because the AI system's use has directly led to harm to people through fraud and deception. The article also discusses protective measures and calls for improved filters, but the primary focus is on the ongoing harm caused by the AI-powered scam.

The article explicitly mentions the use of AI (machine learning technology) to generate phishing emails that are highly convincing and include personal information, leading to successful scams and financial losses. This demonstrates direct harm to individuals (fraud, financial loss) caused by the AI system's outputs. The Digital Arrest scam, while not explicitly AI-driven, is part of the broader context of scams causing harm but the AI-generated phishing emails alone justify classification as an AI Incident. The involvement of AI in the phishing attacks and the resulting realized harm meet the criteria for an AI Incident.

The article explicitly mentions the use of AI to conduct sophisticated phishing attacks that have already targeted and deceived users, leading to potential account compromise and privacy violations. The AI system is used in the scam's operation, making it a direct cause of harm. The harm includes violations of privacy and potential unauthorized access to personal data, which fits the definition of harm to persons or groups. Since harm has occurred and AI is central to the scam's effectiveness, this is classified as an AI Incident.

The event explicitly mentions the use of AI-generated voices and AI-based impersonation in a scam that results in account takeovers, which is a direct harm to individuals' property and privacy. The AI system's use in the scam is central to the harm occurring, fulfilling the criteria for an AI Incident as the AI system's use has directly led to harm to persons (account compromise and data theft).

The event involves the use of AI systems to generate realistic voice calls (deepfakes) as part of a phishing scam, which has directly led to harm by deceiving users and potentially causing financial or data loss. The AI's role is pivotal in making the scam convincing and effective, thus constituting an AI Incident due to realized harm through malicious use of AI-generated content.

The article explicitly mentions the use of AI (machine learning) to generate phishing emails and calls that mimic authentic communication, leading to realized harm through fraud and potential identity theft. This fits the definition of an AI Incident because the AI system's use directly leads to harm to people (phishing victims). The harm is materialized, not just potential, and involves violation of privacy and security, which are significant harms. Therefore, this event is classified as an AI Incident.

The report details active misuse of AI systems—specifically AI-generated voices and automated interaction—to execute phishing attacks that have already deceived users and led to account compromises, constituting actual harm to personal data and property.

The article describes a real malicious use of an AI system—an AI-generated human-like voice—deployed to impersonate Google support and attempt to extract login credentials, posing a direct threat to user accounts and privacy. This is a realized harm (fraud and unauthorized access risk) caused by AI, meeting the criteria for an AI Incident.

An AI system (voice-synthesizer and automated email generation) was employed in a phishing attack to gain unauthorized access to a user’s Gmail account. This event involves direct malicious use of AI, leading to or attempting harm (unauthorized data access), and thus qualifies as an AI Incident.

The event involves the use of AI technology to generate a convincing voice impersonation in a phishing attack targeting Gmail users. The AI system's role is pivotal in enabling the scam, which directly threatens user privacy and security. The incident has already occurred with attempts to access the victim's account, fulfilling the criteria for harm (violation of rights and potential data theft). Therefore, this is classified as an AI Incident rather than a hazard or complementary information.

The article describes a real phishing attack in which hackers used AI-generated voice technology and spoofed emails/domains to trick victims into surrendering their Google account credentials. This is a direct misuse of AI systems to facilitate fraud and potential data breaches, meeting the criteria for an AI Incident.

The event involves the actual use of AI (voice cloning and domain spoofing) by attackers to carry out a fraudulent scheme targeting Gmail users. This misuse of AI directly led to an attempted unauthorized account takeover, representing a realized harm scenario (even though this particular victim did not fall for it). Therefore it is classified as an AI Incident.

Scammers used AI-generated voice and convincingly spoofed Google’s contact details to try to steal credentials, but the target recognized the ruse and was not harmed. Because this is a near-miss attack that could plausibly lead to real account takeovers and data breaches if successful, it qualifies as an AI Hazard rather than an Incident.

The event involves the use of AI-generated voice technology in a phishing scam targeting Gmail users. The AI system's use is malicious and aims to deceive users into surrendering account credentials, which could lead to account compromise and data loss. While no actual harm occurred to the reported victim, the article warns that many users could fall victim, indicating a credible risk of harm. This fits the definition of an AI Hazard, as the AI system's use could plausibly lead to an AI Incident involving harm to individuals' data security and privacy rights. There is no indication that harm has already occurred, so it is not an AI Incident. The article is not merely complementary information or unrelated news, as it focuses on the risk posed by AI-enabled scams.

The event involves the use of AI-generated voice technology to conduct a phishing attack, which is an AI system used maliciously. The scam attempts to deceive users into surrendering sensitive information, which constitutes a violation of user rights and harm to individuals' privacy and security. The article reports actual attempts and warns of potential successful scams, indicating direct or indirect harm caused by the AI system's use. Therefore, this qualifies as an AI Incident due to realized harm or ongoing attempts causing harm.

The event involves the use of an AI system (AI-generated voice) in the execution of a phishing scam that could lead to harm by compromising user accounts and personal data, which constitutes harm to individuals' rights and privacy. The article reports on an actual attempted attack that did not succeed but highlights the realistic and sophisticated nature of the AI-enabled scam. Since no actual harm occurred to the victim but the AI-enabled attack method plausibly could lead to harm if successful, this qualifies as an AI Hazard rather than an AI Incident. The article warns users about the potential danger and the need for caution, emphasizing the plausible future harm from such AI-enabled scams.

The article explicitly mentions the use of AI-generated calls as part of a phishing attack targeting Gmail users, which has directly led to harm in the form of unauthorized access and potential security breaches. This fits the definition of an AI Incident because the AI system's use in generating realistic scam calls is a direct contributing factor to the harm experienced by users (harm to persons through security breaches and potential privacy violations).

The scam involves the use of AI-generated voices to impersonate a trusted entity (Google) and deceive individuals into revealing sensitive information, which directly leads to harm by compromising personal accounts. This constitutes an AI Incident because the AI system's use in generating realistic voices is a direct factor enabling the scam and resulting harm to individuals' security and privacy.

The event involves an AI system explicitly used to generate realistic voice calls and fake emails as part of a multi-stage scam to take over a Gmail account. The scam caused direct harm by attempting unauthorized access to personal data, which constitutes harm to the individual (a). The AI system's role is pivotal in enabling the scam's sophistication and plausibility, fulfilling the criteria for an AI Incident.

The event involves the use of AI systems to conduct spoofing attacks that directly lead to harm by compromising user accounts and personal information, which constitutes a violation of rights and harm to individuals. The AI's role is pivotal in making the scam more convincing and harder to detect, thus directly contributing to the harm. Therefore, this qualifies as an AI Incident.

The scam involves the use of AI to generate convincing fake phone calls and spoofed emails to manipulate users into granting account access. The AI system's use in the scam directly leads to harm by enabling unauthorized access to personal accounts, which constitutes harm to individuals' privacy and security. Therefore, this qualifies as an AI Incident due to realized harm caused by the AI system's use in the scam.

The scam involves the use of AI to create deceptive notifications, spoofed emails, and possibly automated or AI-enhanced voice calls to trick users into approving fraudulent account recovery requests. This use of AI directly leads to harm by enabling fraud and theft of personal information, which constitutes harm to individuals. Therefore, this qualifies as an AI Incident because the AI system's use in the scam directly leads to realized harm (fraud and personal data theft).

The article explicitly describes the use of AI-generated voice deepfakes in a phishing scam that directly targets users' Gmail accounts. The AI system's use in generating realistic scam calls is central to the attack's sophistication and potential success. The harm involves unauthorized access attempts and potential data theft, which are violations of user rights and security. Therefore, this qualifies as an AI Incident because the AI system's use has directly led to harm through phishing attacks and account compromise attempts.

The event involves the use of AI systems (AI-generated voice deepfakes) in the malicious use of phishing attacks that have directly led to harm or attempted harm to users by compromising their Gmail accounts. The AI system's use in generating realistic scam calls is central to the incident, causing direct risk of credential theft and account compromise, which constitutes harm to individuals' security and privacy. The article also describes Google's response as complementary information but the primary event is an AI Incident due to realized harm and direct involvement of AI in the scam.

The event involves the use of an AI system to generate realistic scam calls that directly facilitate a cyberattack aiming to steal user credentials and bypass security measures like two-factor authentication. This use of AI has directly led to harm by enabling phishing attacks against Gmail users, fulfilling the criteria for an AI Incident due to harm to persons through cybercrime and privacy violations.

The event involves AI systems used maliciously to conduct phishing scams that have directly targeted and attempted to compromise Gmail accounts of billions of users. The AI-generated voice calls and sophisticated scam techniques have caused or attempted to cause harm by deceiving users into revealing credentials, which is a violation of user security and privacy (harm to property and potentially personal data). The article provides concrete examples of realized harm (attempted account takeovers) and describes the AI's pivotal role in enabling these attacks. Therefore, this qualifies as an AI Incident rather than a hazard or complementary information.

The article explicitly describes AI-driven phishing attempts that have already targeted and deceived users, including high-profile individuals, causing harm through scams and potential account compromise. The AI system's use in generating convincing fake communications directly leads to harm (a) injury or harm to persons, here in the form of fraud and account breaches. The involvement of AI in the scam generation and the realized harm meets the criteria for an AI Incident rather than a hazard or complementary information. The article also mentions ongoing efforts to combat such scams, but the primary focus is on the existing harm caused by AI-enabled phishing.

The event involves the use of an AI system (AI-generated voice) in the scam's operation, which is central to the deception and the attempt to take over accounts. The scam has directly led to harm or attempted harm to individuals by trying to gain unauthorized access to their Gmail accounts, which constitutes a violation of user rights and privacy. Therefore, this qualifies as an AI Incident because the AI system's use is pivotal in causing harm through malicious use and deception.

The event involves the use of AI systems to generate realistic voice calls that are used maliciously to deceive users and gain unauthorized access to their Gmail accounts. This misuse of AI directly leads to harm by compromising users' digital accounts and personal data. The article reports actual occurrences of such scams, not just potential risks, thus qualifying as an AI Incident due to realized harm caused by AI-enabled spoofing attacks.

The article details how AI-powered scam calls and emails were used to impersonate Google, attempting to deceive a user and potentially compromise their account. The AI system's involvement in generating realistic voice and email content directly contributed to the harm (attempted fraud and violation of security and privacy). The harm is realized as the scam attempts occurred, even if the user avoided actual loss. This fits the definition of an AI Incident because the AI system's use led directly to harm to the individual's rights and security.

The event involves an AI system generating realistic voice calls to impersonate legitimate support staff, which is a clear use of AI in a malicious context. The scam attempts to steal login credentials and bypass security measures, directly threatening user accounts and privacy, which falls under harm to property and violation of rights. The harm is either realized or highly likely given the nature of the scam and similar reported cases. Therefore, this qualifies as an AI Incident due to the direct involvement of AI in causing harm through malicious use.

The scam involves the use of AI to generate convincing fake recovery requests and spoofed communications, which directly leads to harm by enabling unauthorized access to personal Gmail accounts, constituting a violation of user rights and harm to individuals' privacy and security. Therefore, this qualifies as an AI Incident because the AI system's use in the scam directly leads to realized harm to people.

The article explicitly mentions the use of AI-generated voice to impersonate a Google support representative, which is an AI system used maliciously. The scam attempts to trick the victim into giving up credentials, which constitutes harm to personal security and privacy, a violation of rights. Although the victim avoided actual loss, the AI system's use directly contributed to the attempted harm. Therefore, this qualifies as an AI Incident due to realized harm or attempted harm facilitated by AI.

The event involves the use of an AI system to generate a highly realistic scam call, which is a direct use of AI technology in a malicious attack. The harm is realized in the form of attempted unauthorized access to user accounts and potential privacy breaches, which are violations of rights and could lead to harm to individuals and communities. The AI system's role is pivotal in enabling the scam's sophistication and scale. Since the scam is actively deployed and has directly led to attempted harm, this qualifies as an AI Incident.

The article explicitly mentions the use of likely AI-generated phone calls as part of a multi-step scam targeting Google users. The AI system's involvement is in the use of generative AI to produce convincing voice calls that deceive victims. This use has directly led to harm by enabling phishing attacks that can result in unauthorized access to personal accounts, violating users' rights and causing property harm. The harm is realized, not just potential, as victims have been targeted and deceived. Hence, this is an AI Incident involving malicious use of AI systems causing harm to individuals.

The event explicitly mentions the use of AI to generate fake calls and emails that impersonate Google, which are used to deceive users into granting access to their Gmail accounts. This misuse of AI has directly caused harm by enabling scammers to steal personal data and misuse it fraudulently. Therefore, this qualifies as an AI Incident because the AI system's malicious use has directly led to harm to individuals' rights and property.

The article explicitly mentions AI-driven phishing scams that have been used to deceive users, including specific incidents where individuals were targeted and nearly victimized. The AI system's use in generating convincing scam calls and emails directly contributes to the harm of users by attempting to steal credentials, which constitutes harm to persons. Therefore, this qualifies as an AI Incident because the AI system's use has directly led to attempts of harm through phishing scams.

The event involves an AI system (AI-generated voice) used in a scam to impersonate a trusted entity and deceive a user, which is a direct use of AI leading to harm (attempted credential theft and identity fraud). The harm is realized in the form of a scam attempt targeting personal data and account security. The article details the incident and the harm caused by the AI system's use, fitting the definition of an AI Incident. The article also mentions ongoing efforts to combat such scams, but the primary focus is on the scam event itself, not just complementary information or future hazards.

The event involves the use of an AI system (AI-generated voice) in the malicious use of impersonation to commit fraud. The scam has directly led to harm or the risk of harm to individuals by attempting to steal login credentials and private information, which constitutes a violation of rights and harm to individuals. Therefore, this qualifies as an AI Incident due to the realized harm from the AI system's malicious use in phishing.

The article explicitly mentions the use of AI-powered tools to simulate realistic conversations and spoof official communications, which directly leads to harm by tricking users into giving attackers access to their Gmail accounts. This constitutes an AI Incident because the AI system's use in the scam has directly led to violations of users' rights and harm to their digital property and privacy. The harm is realized, not just potential, as the scam is actively targeting millions of users and has caused actual incidents of account compromise.

The scam involves the use of AI to generate deceptive content (fake recovery requests, spoofed emails, and convincing phone calls) that directly leads to harm by enabling scammers to take control of users' Gmail accounts and access sensitive personal data. This fits the definition of an AI Incident because the AI system's use in the scam has directly led to harm to individuals' privacy and security. The article describes realized harm through the scam's active targeting and manipulation of users, not just a potential risk.

The article explicitly mentions the use of AI to create a "super realistic" voice for phishing calls, which directly supports the scam attempt to gain unauthorized access to a Gmail account. This is a clear example of AI use leading to harm (attempted theft of personal information), fulfilling the criteria for an AI Incident. The harm is to individuals' security and privacy, which falls under harm to persons. The AI system's role is pivotal in making the scam more convincing and scalable, increasing the risk and impact of such attacks.

The article explicitly mentions the use of AI to generate a realistic voice for phishing calls, which is a clear example of AI system use. The harm involved is the attempted theft of personal information through deception, which is a violation of rights and causes harm to individuals. The scam is active and ongoing, indicating realized harm rather than just potential harm. Therefore, this event qualifies as an AI Incident because the AI system's use directly contributes to the harm caused by the scam.

The article explicitly mentions the use of AI-generated voice to impersonate a Google support person in a scam to take over Gmail accounts. This use of AI directly facilitates a phishing attack that harms individuals by threatening their account security and privacy, which fits the definition of an AI Incident due to harm to property and violation of rights. The harm is realized as the scam attempts to steal passwords, and the AI system's role is pivotal in making the scam more convincing and effective.

The article explicitly mentions AI-generated scam calls that have been used to deceive users into potentially giving away their Gmail credentials, which could lead to unauthorized access and data theft. This constitutes direct harm to property and personal data security. The AI system's use in generating realistic scam calls is central to the incident, and actual harm (account compromise and data download) has occurred or is highly plausible based on the described events. Therefore, this qualifies as an AI Incident due to realized harm facilitated by AI misuse.

The article explicitly mentions the use of AI-generated voice technology in a scam call that deceived a security expert, indicating the presence and use of an AI system. The scam caused direct harm by attempting to steal Gmail account credentials, which is a violation of personal security and privacy rights. The AI system's role was pivotal in making the scam convincing and scalable, leading to realized harm. Therefore, this qualifies as an AI Incident under the framework.

The article explicitly mentions AI-driven phishing attacks using deepfake technology to create realistic scam calls and notifications that deceive users into revealing credentials. This misuse of AI has directly caused harm by compromising user security and privacy, fitting the definition of an AI Incident due to violations of user rights and harm to individuals. The involvement of AI in the scam's operation and the realized harm to users' account security justifies classification as an AI Incident.

The event involves the use of an AI system (AI-generated voice) in the malicious use context to conduct a phishing scam. The scam has directly led to harm or attempted harm by trying to gain unauthorized access to personal email accounts, which constitutes a violation of privacy and potentially other rights. The AI system's role is pivotal in making the scam more convincing and effective. Therefore, this qualifies as an AI Incident due to realized harm (or attempted harm) facilitated by AI.

The event involves the use of an AI system (AI-generated voice) in the scam's operation, which is a direct use of AI technology. The scam attempts to cause harm by tricking users into account recovery approval, which could lead to unauthorized access to personal data, constituting harm to individuals' rights and privacy. Since the scam is actively occurring and causing harm or attempting to cause harm, this qualifies as an AI Incident under the framework.

The event involves an AI system explicitly used to generate synthetic voice calls for phishing, which has directly led to harm or attempted harm (account takeovers) to Gmail users. The scam's deployment and the detailed account of attempts and near-successes demonstrate realized harm rather than just potential risk. The AI-generated voice is pivotal in making the scam convincing and effective, fulfilling the criteria for an AI Incident under the framework.

The scam explicitly involves AI-driven deception, including AI-generated or enhanced voice calls and spoofed emails designed to appear legitimate. This use of AI directly facilitates the scam, leading to realized harm—personal data theft and unauthorized account access. The event describes actual occurrences of the scam and its impact on users, not just potential risks. Hence, it meets the criteria for an AI Incident due to direct harm caused by the AI system's use in the scam.

The event involves the use of AI systems (AI-generated voices) in the active perpetration of telephone scams that have directly led to harm or attempted harm to individuals by trying to steal personal information. The AI system's role is pivotal in making the scam more convincing and widespread, increasing the risk and occurrence of harm. This fits the definition of an AI Incident because the AI system's use has directly led to harm (attempted fraud and potential privacy violations).

The article explicitly mentions the use of AI-generated voice (a KI-Stimme) to conduct phishing calls that aim to gain unauthorized access to Gmail accounts. This involves the use of an AI system in the scam's execution. The harm is realized or at least attempted, as the scam tries to compromise user accounts, which is a violation of user rights and can lead to property harm. Therefore, this qualifies as an AI Incident due to the direct involvement of AI in causing harm through malicious use.

The article explicitly mentions the use of artificial intelligence to automate phone calls that respond to speech, making the scam highly convincing. This AI involvement is central to the fraud's effectiveness and the resulting harm, which includes potential identity theft and financial fraud. Since the harm is occurring or has occurred (users being targeted and potentially scammed), this qualifies as an AI Incident under the framework, as the AI system's use has directly led to harm to people (a).

The article explicitly mentions the use of an AI-generated voice to impersonate a Google employee in a scam call aimed at Gmail users. The AI system's use is central to the fraud attempt, which if successful, would lead to harm (account takeover, privacy breach). Since the harm is directly linked to the AI system's malicious use and the event describes an actual attempt (not just a theoretical risk), this qualifies as an AI Incident. The victim narrowly avoided harm, but the event itself is a realized AI-enabled fraud attempt causing or intending harm.

The event involves the use of an AI system (AI-generated voice) in the execution of a phishing attack, which has directly led to harm by deceiving users and potentially causing loss of access to their Gmail accounts. This constitutes a violation of user rights and harm to individuals through fraud and unauthorized account access. Therefore, it meets the criteria of an AI Incident due to the realized harm caused by the AI-enabled phishing scam.

The article explicitly mentions the use of a 'KI-Stimme' (AI voice) to deceive victims in a phishing and phone scam targeting Google users. The AI system's use directly facilitates the fraud, which is a harm to individuals through deception and potential data theft. The harm is occurring or has occurred as victims are targeted and potentially scammed. Therefore, this qualifies as an AI Incident due to realized harm caused by the AI system's use in the scam.

The article explicitly mentions the use of AI to create highly realistic voice calls as part of a fraud scheme targeting billions of Gmail users. This AI-enabled deception has directly led to attempted theft of personal data and unauthorized account access, which constitutes harm to individuals' rights and privacy. Although the specific incident described did not result in actual account takeover, the AI system's role in enabling the scam and the potential for harm to many users qualifies this as an AI Incident due to realized harm (attempted fraud) and direct involvement of AI in the malicious use.

The article explicitly mentions the use of AI-generated voice calls to impersonate legitimate company representatives, which is an AI system's use in a malicious context. The AI system's use directly facilitates the fraud attempt, which is a harm to individuals' property and privacy rights. The Microsoft employee was nearly a victim, indicating the harm is real and ongoing. Therefore, this qualifies as an AI Incident due to the direct involvement of AI in causing harm through fraudulent account takeovers.

The event involves AI systems (deepfake voice generation, AI-crafted phishing emails) used maliciously to deceive victims and attempt unauthorized access to personal accounts. While no successful breaches are reported in the article, the described AI-enabled fraud attempts pose a credible risk of harm to individuals' property and privacy, fitting the definition of an AI Hazard. However, since the article reports actual ongoing fraud attempts using AI, and these attempts have directly threatened millions of users, it qualifies as an AI Incident due to the realized harm potential and the direct involvement of AI in the malicious use. The article does not merely warn about potential future harm but documents active AI-enabled fraud schemes targeting users, thus meeting the criteria for AI Incident rather than AI Hazard or Complementary Information.

The event involves the use of an AI system (AI-generated voice) in the malicious use of AI to deceive users and gain unauthorized access to their accounts. This leads to a direct threat to users' privacy and security, which is a violation of rights under applicable law. The scam is active and has caused or nearly caused harm, qualifying it as an AI Incident. The AI system's role is pivotal in enabling the scam through realistic synthetic voice calls, which are central to the harm caused.