The Growing Influence of AI on Phishing Emails
Regular reports of data breaches and cyberattacks reinforce the urgency for organizations and individuals to be proactive against evolving threats. The latest report from IBM sheds light on the current landscape of data breaches, highlighting trends, causes, and potential safeguards. Let’s take a look at the key findings, and explore the implications for businesses and individuals alike.
Key Drivers
One of the key drivers behind this alarming increase in phishing threats, according to Patrick Harr, the CEO of SlashNext, is the growing role of generative AI. He explains that threat actors have been harnessing tools like ChatGPT to craft sophisticated and highly targeted Business Email Compromise (BEC) and other phishing messages. The sharp uptick in these threats, coinciding with the launch of ChatGPT, is not merely a coincidence but rather a testament to the impact of generative AI on cyber threats.
Harr clarifies that the intention is not to exaggerate the dangers of generative AI but to help both customers and the broader cybersecurity community grasp the true risks and respond effectively.
The report’s findings also include an average of 31,000 daily phishing attacks. A significant portion of that, 68%, is identified as text-based BEC attacks. A survey involving over 300 cybersecurity professionals indicated that 46% of respondents had encountered BEC attacks.
Alarming Stats
Furthermore, 77% of these cybersecurity professionals have been the targets of phishing attempts. With 28% of those attacks were delivered via text messages, categorized as SMS phishing (Smishing). This highlights the evolving threat landscape, focusing increasingly on mobile-based and multi-stage attacks.
The report underlines the urgency for organizations to adopt comprehensive protective measures. This includes increasingly relying on AI-driven solutions to counter the proliferation of AI-fueled cyber threats. The landscape is rapidly shifting with the introduction of AI but it can also be used to defend against sophisticated attacks. Effective training continues to provide protection against AI-generated threats.
This report reminds us (again) of the need for heightened cybersecurity measures. Vigilance, training, and proactive security measures are more critical than ever to defend against the growing sophistication of phishing attacks.