Security News > 2023 > April > AI tools help attackers develop sophisticated phishing campaigns

AI tools help attackers develop sophisticated phishing campaigns
2023-04-25 05:00

The report found that a majority of modern phishing attacks rely on stolen credentials and outlined the growing threat from Adversary-in-the-Middle attacks, increased use of the InterPlanetary File System, as well as reliance on phishing kits sourced from black markets and AI tools like ChatGPT. "Phishing remains one of the most prevalent threat vectors cybercriminals utilize to breach global organizations. Year-over-year, we continue to see an increase in the number of phishing attacks which are becoming more sophisticated in nature. Threat actors are leveraging phishing kits & AI tools to launch highly effective e-mail, SMiShing, and Vishing campaigns at scale"," said Deepen Desai, Global CISO and Head of Security, Zscaler.

"AitM attacks supported by growth in Phishing-as-a-Service have allowed attackers to bypass traditional security models, including multi-factor authentication. To protect their environment, organizations should adopt a zero trust architecture to significantly minimize the attack surface, prevent compromise, and reduce the blast radius in case of a successful attack," added Desai.

The rise in new and evolving threats like ChatGPT. The emergence of new AI technology and large language models like ChatGPT have made it easier for cybercriminals to generate malicious code, Business Email Compromise attacks, and develop polymorphic malware that makes it harder for victims to identify phishing.

Attackers are using real voice snippets of the executive team in these vishing attacks by leaving a voicemail of these pre-recorded messages.

Phishing campaigns on education and healthcare industries surge.

Shuts down compromised users and insider threats: If an attacker gains access to your identity system, Zscaler can prevent private app exploit attempts with in-line inspection and detect the most sophisticated attackers with integrated deception.


News URL

https://www.helpnetsecurity.com/2023/04/25/ai-phishing-campaigns/

Related news