Portuguese 
English 
Spanish 
3 min of reading 
0 comments 
With the Advancement of Artificial Intelligence, Cybercriminals Can Quickly Analyze Online Data, Creating Sophisticated Phishing Strategies That Fool Even the Most Advanced Security Systems
We celebrate the fact that artificial intelligence is transforming various industries, but not all affected industries are legitimate to the same extent: it has also served to arm cybercriminals with more sophisticated tools to execute phishing scams.
According to cybersecurity experts and recent reports from companies like the e-commerce giant eBay or the multinational insurance company Beazley, ultra-sophisticated and personalized phishing scams based on AI have started to proliferate, which presents a major challenge, as users continue to fall for much less elaborate phishing campaigns.
The Impact of Artificial Intelligence on Phishing
AI allows hackers, through the rapid analysis of large amounts of data about an individual or a company, to replicate their style and tone to craft convincing emails that are difficult to detect as fraudulent. According to Kirsty Kelly, information security director at Beazley:
“It is getting worse and becoming more personalized. That’s why we suspect that AI is largely behind this”.
-
YouTuber builds a homemade nuclear battery with 5 tritium tubes, reaching 2.9 volts at night and demonstrates how a tiny, sealed system without sunlight can generate energy on its own for up to 12 years.
-
Is Wi-Fi on its way out? The new Li-Fi technology with the 802.11bb standard uses LED lamps to transmit data, reaching speeds up to 100 times faster, operating in a spectrum 3,000 times broader, and promising security that is nearly impossible to breach.
-
OPPO Find X9 Ultra arrives with a 200 MP camera, RAW MAX, 16 EV HDR, 10x zoom, Snapdragon 8 Elite Gen 5, 2K 144 Hz display, and a massive 7,050 mAh battery with 100 W charging.
-
Santa Catarina may face the worst climatic scenario in recent years with Super El Niño knocking at the door and an 80% chance of bringing floods, landslides, and destruction starting in July.
This extreme personalization is achieved by analyzing online profiles and activities on social networks, which also enables attackers to identify which topics may attract or convince victims. For example, an executive might receive an apparently legitimate email related to a recent project mentioned on LinkedIn.
Kip Meintzer from cybersecurity firm Check Point Software Tech stated during a recent investors’ conference that AI has given hackers “the ability to write the perfect phishing email”.
These hyper-personalized tactics significantly increase the likelihood of success of attacks.
Advantages of Artificial Intelligence for Cybercriminals
Nadezda Demidova, a cybersecurity researcher at eBay, explained that the availability of generative AI tools has significantly lowered the barriers to entry for cybercrime (i.e., it is no longer necessary to be a tech expert to launch virtual scam campaigns).
These tools not only allow for the creation of convincing emails but also enable quick adaptations to bypass corporate security filters.
Moreover, AI can scan codes and analyze human processes to identify vulnerabilities, according to Sean Joyce, global cybersecurity leader at PwC. This means that even companies with sophisticated defense systems are vulnerable to targeted attacks.
The Reach of Scams and Their Financial Impact
More than 90% of successful cyberattacks begin with a phishing email attack, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). This method of attack is not only effective but also quite costly for victims, especially when it comes to businesses.
A specific type of attack that has gained prominence is known as ‘BEC’, in which scammers deceive recipients (posing as an executive or supplier) into transferring funds or sharing sensitive information without using malware.
According to the FBI, this type of fraud has resulted in losses exceeding $50 billion worldwide since 2013.
What Can Companies and Users Do?
In light of this scenario, both companies and individuals must adopt more proactive strategies to mitigate the risk of AI-driven phishing attacks:
Continuous Education: Cybersecurity training must evolve to include examples of hyper-personalized emails and other emerging strategies driven by artificial intelligence.
Investments in Technology: Organizations need to implement AI-based detection systems that can identify anomalous patterns in emails, even when they appear highly personalized.
Constant Monitoring of Online Profiles: Reducing the amount of publicly available personal information can make it more difficult for attackers to collect relevant data for their scams.
Seja o primeiro a reagir!