Phishing attacks are becoming increasingly sophisticated. A recent report indicates that scammers are leveraging AI to gather information from your online profiles to craft hyper-personalized emails that aim to steal your login credentials.
By uncovering details ranging from your workplace to your hobbies, these fraudulent emails stand a much better chance of being perceived as authentic…
Phishing has existed for a long time. Scammers typically send out mass emails impersonating banks, email services, cryptocurrency platforms, and well-known companies such as Amazon and Apple.
The deceptive content often aims to instill a sense of urgency. For instance, you might receive an alert from your bank regarding a suspicious transaction, a notification from Amazon about an invoice for a product you didn’t order, or a message from Apple indicating that your iCloud account is about to be cancelled.
The goal is to provoke victims into clicking links and entering their login details before they can pause to consider the legitimacy of the message.
While many of these attacks are broad and generic, a report from Financial Times highlights a significant shift. Scammers are now employing AI to sift through public profiles, allowing them to generate emails that seem highly knowledgeable about the individual, making it easier to deceive victims.
Prominent organizations such as British insurer Beazley and ecommerce giant eBay have raised alarms about the surge in fraudulent emails containing personal information likely sourced through AI analysis of online profiles.
“This situation is deteriorating, becoming very personal, and we suspect that AI is driving much of this,” stated Beazley’s chief information security officer, Kirsty Kelly. “We’re witnessing a rise in targeted attacks that have gathered an extensive amount of information about individuals.”
These highly tailored phishing emails are also significantly more likely to bypass filters used by corporations and email providers like Apple and Google.
Currently, the primary victims appear to be corporate employees, as AI bots even mimic the writing styles of specific companies based on their websites and other publicly available content to enhance their scams. However, it is anticipated that these tactics will soon be adopted against consumers, potentially scraping data from social media profiles.
The best defense against phishing attacks is to never click on links in emails. Instead, use your bookmarks or manually type in a known URL.
Photo by Tyler Franta on Unsplash
: . More.
