
31 Oct Evolution of Phishing – what AI is doing to revolutionise social engineering
Phishing started as a basic tactic for attackers to exploit our trust. They were often directionless mass emails sent out with the hope that somebody would bite the hook. Over the years they have evolved into nastier, targeted emails to small and large businesses alike. Now, with the advent of AI, the threat has increased significantly – as shown by this recent study reporting a 60% increase in AI-driven phishing attacks.
AI has revolutionised phishing: it is more intelligent, persuasive, and difficult to identify. Grasping the nuances of this new danger is essential to staying safe.
AI-enhanced phishing
Hyper-realistic emails
AI can process vast amounts of data to study human communication patterns. By analysing the language, tone, and style of legitimate emails or messages, AI can craft phishing messages that closely resemble real communication. These messages are harder to recognise as phishing attempts because they sound natural, as if they come from a trusted source.
Curious about the process? Read on to discover how it’s done in detail
Tailored Attacks and Spear Phishes
An AI system that gathers detailed information about a target from various sources allows it to create messages that are difficult to distinguish from legitimate communications. Now we have spear-phishing attacks which are highly targeted, hugely effective, and difficult to prevent.
Automation
Now, AI language models can quickly generate and send thousands of hyper-realistic phishing emails, each as tailored as the last. Additionally, AI can adapt messages based on responses, sending follow-up emails to those who initially engage but don’t provide the desired information, making the attacks more persistent and effective.
Deepfake technology
THE IMPACT OF AI-enhanced phishing
Increased success rates
Greater damage
Personalised attacks can lead to substantial data breaches, allowing attackers to gain unauthorised access to sensitive data. The impact of further disruption to business operations can be far-reaching and damaging.
how to protect yourself
Vigilance
Warning signs
Additional Authentication
Authentication Protocols
Education
Confirm Legitimacy of Requests
Use Advanced Security Tools
Report Phishing Attempts
Regular Security Audits
Need Help with Safeguards Against AI-driven Phishing?
Balancing confidentiality with accuracy and accessibility using the NHS’ IGF
Since the introduction of GDPR (General Data Protection Regulation) and the Data Protection Act 2018...
Mobile Phone Theft – The Hidden Dangers and How to Protect Yourself
Mobile Phone Theft: A Growing Threat Mobile phone theft is not only common but also becoming increas...
Evolution of Phishing – what AI is doing to revolutionise social engineering
Phishing started as a basic tactic for attackers to exploit our trust. They were often directionless...
Going the extra mile with Cyber Essentials Plus
Most companies are aware of the benefits of obtaining Cyber Essentials certification for their busin...
Charity Cyber Essentials awareness month: strengthening cybersecurity for charities
This October, InfoShelter is excited to join forces with IASME and the National Cyber Security Centr...
Sorry, the comment form is closed at this time.