Phishing Attacks Surge As Cyber Criminals Exploit New AI Tools

Phishing campaigns worldwide rose nearly 50% in 2022 compared to 2021 driven partly by phishing kits and new AI tools accessible to threat actors, according to zero trust security vendor Zscaler’s ThreatLabz Phishing Report. The company believes that the 2022 increase compared to 2021 was likely driven partly by phishing kits and new AI tools that are now accessible to threat actors. 

AI tools can help threat actors craft convincing phishing messages that are devoid of some of the typical flags of a phishing attempt. 

According to ZScaler 65% of phishing attacks worldwide occurred in the US, and the education sector experienced a 576% increase. Additionally, the finance sector experienced a significant increase in phishing attacks. Their report highlights recent trends in phishing and attackers continue to rely on stolen credentials to leverage attacks but have integrated new techniques with AI tools such as ChatGPT.

The ZScaler report found that most modern phishing attacks rely on stolen credentials and outlined the growing threat from Adversary-in-the-Middle (AitM) attacks, increased use of the InterPlanetary File System (IPFS). This is a distributed peer-to-peer file system that allows users to store and share files on a decentralised network of computers, as well as reliance on phishing kits sourced from black markets and AI tools like ChatGPT.

The development of phishing has been considerably aided by AI tools like ChatGPT and phishing kits, which have lowered the technological entry barriers for thieves and saved them time and resources. 

According to the paper, “large language models, such as ChatGPT, have made it simpler for cyber criminals to create harmful code, Business Email Compromise (BEC) assaults, and produce polymorphic malware that makes it more difficult for victims to recognise phishing.

A phishing page stored on IPFS is far more challenging to remove due to the peer-to-peer nature of the network. A significant phishing campaign that uses adversary-in-the-middle attacks was just detected by ThreatLabz. AiTM attacks employ strategies that can defeat standard multi-factor authentication procedures.

These findings are based on a year’s worth of global data from the Zscaler security cloud, which monitors over 280 billion transactions daily across the globe, from January 2022 through December 2022.The US, the UK, the Netherlands, Russia, and Canada were the top five most targeted nations. The research lists some brands most frequently replicated as Microsoft, Binance, Netflix, Facebook, and Adobe. 

Because they can successfully resemble legitimate messages, these AI-driven phishing efforts are more challenging to spot and defeat, which increases the likelihood that victims would fall for the scams.  For instance, the survey revealed an increase in bad actors who use vishing and recruiting scams to target job searchers. 

Researchers at Zscaler predict that threat actors will use AI tools more regularly to find fresh targets for phishing scams and they expect to see more sophisticated scams in various forms of communication, including websites, SMS, and email. 

ZScaler:    SDXCentral:    Oodaloop:      Infosecurity Magazine:   Information Security Buzz:  

You Might Also Read: 

AI Is Creating New Mobile Scamming Threats:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Retrofixing The Remote Workforce
Cyber Security And Ransomware Attacks - Problems & Solutions »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

European Defence Agency (EDA)

European Defence Agency (EDA)

EDAs mission is to improve European defence capabilities. Programme areas include Cyber Defence.

Assured Information Security (AIS)

Assured Information Security (AIS)

AIS is committed to providing our customers with critical information security products, services, and training. We support diverse needs throughout business and industry.

Baffle

Baffle

Baffle is pioneering a solution that makes data breaches irrelevant by keeping data encrypted from production through processing.

NetMonastery DNIF

NetMonastery DNIF

NetMonastery is a network security company which assists enterprises in securing their network and applications by detecting threats in real time.

Wolfpack Information Risk

Wolfpack Information Risk

Wolfpack specialise in information and cyber threat management covering the full spectrum of prevention, detection, incident response and business resilience capabilities.

Berwick Partners

Berwick Partners

Berwick Partners’ Cyber Security Practice is a leading recruiter of senior management positions in this field; we have an exceptional understanding of the constantly changing Cyber landscape.

Cingo Solutions

Cingo Solutions

Cingo Solutions is a Managed Detection & Response company providing specialized data security services.

Kaspersky Industrial CyberSecurity (KICS)

Kaspersky Industrial CyberSecurity (KICS)

Kaspersky addresses all the cybersecurity needs of industrial organizations in its Kaspersky Industrial CyberSecurity (KICS) portfolio.

DisruptOps

DisruptOps

Built for today’s cloud-scale enterprises, DisruptOps’ Cloud Detection and Response platform automates assessment and remediation procedures of critical cloud security issues.

Antares NetlogiX

Antares NetlogiX

Antares Netlogix are a leading Austrian service provider for IT security, critical infrastructures and managed security services.

Mobileum

Mobileum

Mobileum is a leading provider of Telecom analytics for roaming, security and risk management and end-to-end domestic and roaming testing solutions.

Munio

Munio

Munio's mission is to ensure businesses and organizations of every size business continuity from cyber risks, beginning with a cyber risk management solution comprising of security and risk transfer.

Infuse Technology

Infuse Technology

Infuse Technology provide the highest level of cybersecurity support, implementing practical solutions to protect against cyber-attacks, from simple phishing scams to complex data security breaches.

Valimail

Valimail

Valimail delivers the only complete, cloud-native platform for validating and authenticating sender identity to stop phishing, protect and amplify brands, and ensure compliance.

Buzz Cybersecurity

Buzz Cybersecurity

Buzz Cybersecurity systems and services are designed to proactively guard against common and uncommon cyber threats.

CYBRI

CYBRI

CYBRI is a cybersecurity company helping businesses detect and remediate mission-critical vulnerabilities before they get exploited by hackers.