Security News > 2023 > March > AI is taking phishing attacks to a whole new level of sophistication

92% of organizations have fallen victim to successful phishing attacks in the last 12 months, while 91% of organizations have admitted to experiencing email data loss, according to Egress.
"The growing sophistication of phishing emails is a major threat to organizations and needs to be urgently addressed," said Jack Chapman, VP of Threat Intelligence, Egress.
"The signature-based detection used by Microsoft 365 and secure email gateways can filter out many phishing emails with known malicious attachments and links, but cybercriminals want to stay one step ahead. They are evolving their payloads and increasingly turning to text-based attacks that utilize social engineering tactics and attacks from a known or trusted source, such as a compromised supply chain email address."
The report investigates both inbound phishing attacks and outbound data loss and exfiltration, highlighting the importance of a holistic approach to email security.
86% of surveyed organizations reported that they were negatively impacted by sophistication of phishing emails, and 54% suffered financial losses due to customer churn following a successful phishing attack.
Email security is a necessity for stoping phishing attacks.
News URL
https://www.helpnetsecurity.com/2023/03/08/sophistication-of-phishing-emails/
Related news
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- How New AI Agents Will Transform Credential Stuffing Attacks (source)
- MINJA sneak attack poisons AI models for other chatbot users (source)
- New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors (source)