AI and PHISHING

According to a recent study, 60% of respondents were the target of AI-automated phishing attempts, a success rate comparable to that of human-crafted phishing communications with skill.

Companies must be mindful of this new hazard as it becomes harder to identify these emails because of the advancements in Gen AI capabilities. The game has changed due to AI-enhanced phishing, and to stay ahead, you must adjust.

Become knowledgeable: Recognize the asymmetrical potential of phishing with AI enhancements. Not only are well-written emails a problem, but also machines that can adapt, learn, and launch many attacks.

In actuality, phishing scams now pose a hazard to entire enterprises rather than simply individuals. Avoid waiting until the last minute.

Tools for generative AI, such as ChatGPT, facilitate the generation of new material and streamline processes, but they also present security problems. Cybercriminals employ artificial intelligence (AI) tools to carry out intricate phishing and impersonation schemes.

Spotting AI-Generated Characteristics

• Phishing messages produced by AI may sound more genuine, tailored, and free of typographical and grammatical errors.
• Check communications for strange language, misinterpretations, and contextual mistakes.
• AI deepfakes often feature textured or airbrushed backgrounds, visual distortions, and anomalies (such as misplaced body parts or unusual objects) even if the images and videos may seem normal at first glance.
• AI-generated films may have flickering lights or shadows, and their many elements may merge or alter erratically.
• Listen intently for unusual background noise, as well as strange voice and pronunciation, to spot AI-generated audio.

Top Techniques

• Examine the picture, call, or video's context. Take a step back and consider whether the sender is a scammer if they are urging you to act quickly.
• When responding to unwanted phone calls, emails, or other online messages with a call to action or requesting sensitive information, proceed with caution. Scammers may have impersonated a familiar contact using artificial intelligence (AI) capabilities, even if it seems to be from them.
• Look for AI-generated traits and perform a reverse image search to discover whether a picture or video has been uploaded on other websites if you have any reason to believe it is not real.

Resources & Reports

• Notify the relevant security teams at your company about any suspected phishing emails you receive on your work email.
• Report to the Federal Trade Commission and the platform any suspected phishing messages that you may have received on personal accounts.
• View the Deepfakes Info Sheet from the FBI, CISA, and NSA to learn more.

Keep Up with the Times You can equip your staff to remain vigilant and prevent the next wave of phishing scams by implementing these measures. Recall that being alert is essential; don't wait until it's too late. Keep your company protected from these new threats by staying ahead of the curve.