The views expressed by Entrepreneur contributors are their own.
AI is a double-edged sword. While it opens up a multitude of use cases that make our work and daily lives more efficient, it also gives cybercriminals the ability to launch attacks more easily.
Phishing, already the most common type of cyberattack and accounting for almost 3.4 billion emails sent daily, is now powered by artificial intelligence, which increases the sophistication of the attack and maximizes the probability of its success.
A recent study reveals a 60% increase in AI-based phishing attacks, with a higher success rate compared to messages created by human experts. This highlights that AI is not only a tool but a catalyst in transforming how these attacks are carried out, underlining the need to stay ahead of their rapid evolution.
Is This Really Your CEO? Think Twice
In the era of GenAI, the line between phishing and authentic emails is blurry, making phishing emails nearly impossible to detect. Senior managers are becoming one of the main targets for cyberattacks because of the amount of sensitive information and authority they hold inside the organization. Attackers have taken phishing to a whole new level using AI tools, engaging in what is referred to as “whale phishing.”
This method involves using artificial intelligence (AI) to impersonate senior company executives by imitating their appearance, voice and mannerisms in order to trick employees into transferring funds or to gain access to systems, leading to financial and reputational losses.
A stark example is an attack on an advertising firm, where hackers used the CEO’s image to create a fake WhatsApp profile to arrange a Microsoft Teams meeting with him and one other senior executive. During the call, the attackers used AI voice cloning and YouTube footage to trick employees into revealing personal information and handing over money under the pretext of starting a new company. Fortunately, the attempt failed thanks to the vigilance of the company’s executive.
The sophistication of such attacks reminds us that we cannot afford to blindly believe that somebody is who they say they are just because their profile has their picture and name on it. More than 95% of IT professionals say it’s hard to identify phishing attacks created using large language models (LLMs) like ChatGPT, Gemini, and WormGPT. The strategy is to play on human psychology and personal information available online to create the most convincing message possible. These messages often impersonate trusted associates, instill fear of a potential security breach, or pique curiosity with a “too good to be true” offer related to a recent purchase, enticing users to click.
Gone are the days when phishing attacks could be detected by spelling mistakes, misinformation, and clumsy execution. Today’s AI-powered phishing campaigns correct such errors, so bad actors can effortlessly generate a campaign from just five prompts and five seconds, which would traditionally take a fraudster almost 16 hours.
In this landscape, it is crucial to remain vigilant and question the authenticity of every message. The stakes are high, and the need for rigorous verification processes has never been more critical.
How can we outsmart these attacks?
Ironically, the defense against these AI-based attacks is using AI itself. Businesses should consider investing in AI-based security measures, with Extended Detection and Response (XDR) playing a key role in this strategy. XDR continuously monitors the mailbox, scanning for indicators of compromise (IOCs) such as URLs, domains, IP addresses, file hashes, and more.
Additionally, XDR behavioral analysis establishes a baseline of typical user behavior and email traffic patterns. When deviations from this baseline are detected, such as unusual login times, unexpected email attachments, or odd communication patterns, the system flags these anomalies, proactively mitigating phishing attempts inside the organization.
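The baseline-and-deviation idea described above can be shown in a few lines. This is an added illustration, not code from the article or from any XDR product; the users, signal names and sample events are constructed, and a real system would use far richer statistics than sets of previously seen values.

```python
from collections import defaultdict

# Constructed history of (user, signal, value) observations; all names are hypothetical.
HISTORY = [
    ("alice", "login_hour", 8), ("alice", "login_hour", 9), ("alice", "login_hour", 10),
    ("alice", "attachment_ext", "pdf"), ("alice", "attachment_ext", "xlsx"),
    ("alice", "correspondent", "bob@example.com"),
    ("bob", "login_hour", 22), ("bob", "login_hour", 23), ("bob", "login_hour", 0),
]

def build_baseline(history):
    """Collect, per user and per signal, the set of values seen during normal activity."""
    baseline = defaultdict(lambda: defaultdict(set))
    for user, signal, value in history:
        baseline[user][signal].add(value)
    return baseline

def hour_distance(a, b):
    """Distance between two hours on a 24-hour clock, so 23:00 and 01:00 are 2 apart."""
    d = abs(a - b) % 24
    return min(d, 24 - d)

def verdict(baseline, user, signal, value, hour_tolerance=2):
    """Return 'normal', 'anomaly', or 'no-baseline' for one new observation."""
    seen = baseline.get(user, {}).get(signal, set())
    if not seen:
        return "no-baseline"  # nothing to compare against: review, do not auto-trust
    if signal == "login_hour":
        nearest = min(hour_distance(value, h) for h in seen)
        return "normal" if nearest <= hour_tolerance else "anomaly"
    return "normal" if value in seen else "anomaly"

def triage(baseline, events):
    """Return only the events that need an analyst's attention, with their verdict."""
    flagged = []
    for user, signal, value in events:
        v = verdict(baseline, user, signal, value)
        if v != "normal":
            flagged.append((user, signal, value, v))
    return flagged

# Constructed new events to score against the baseline.
NEW_EVENTS = [
    ("alice", "login_hour", 3), ("bob", "login_hour", 1),
    ("alice", "attachment_ext", "iso"), ("alice", "correspondent", "bob@example.com"),
    ("carol", "login_hour", 9),
]

if __name__ == "__main__":
    for row in triage(build_baseline(HISTORY), NEW_EVENTS):
        print(row)
```

Bob's 01:00 login stays quiet because his baseline already spans midnight, while Alice's 03:00 login and `.iso` attachment are flagged.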
Complementing XDR is Unified Endpoint Management (UEM). In addition to feeding the endpoint data that XDR leverages, UEM is essential for patch management, password policy enforcement, and access management. By enabling timely patching, UEM keeps all systems up to date, reducing vulnerabilities that are often exploited by phishing campaigns. In addition, consistent password policies across all endpoints, including password complexity, multi-factor authentication, and access controls, protect the primary weak point: passwords. The integration between XDR and UEM therefore creates a comprehensive defense against phishing threats. XDR detects and responds to attacks, while UEM helps establish first-line defense protocols. If a breach does occur, UEM can remotely wipe compromised devices to limit damage.
Ultimately, the end goal should always be to move towards a zero-trust architecture. While UEM and XDR are essential in this journey, they are not the whole picture. By adopting role-based access controls and rigorously vetting each account before it is granted any permissions to access data, administrators can fully embrace the principle of trust no one, always verify. This approach helps prevent unauthorized access in the event of a breach and significantly limits the potential for damage by limiting lateral movement.
In the end, all of it comes down to human vigilance.
Even the most advanced security measures are completely ineffective if employees are not aware of the latest phishing techniques and the critical details they need to watch out for. Business leaders need to invest in effective training programs that are not monotonous for employees and that often include common markers like bad grammar and failed personalization. Training needs to go further by conducting AI-simulated phishing exercises that increase awareness of checking the source of emails, verifying URLs and domains against those of the real company, and developing a sense of skepticism to critically evaluate and respond to highly convincing phishing scenarios.
Additionally, the basic practices of enforcing strong, unique passwords for each account, coupled with multi-factor authentication (MFA), are timeless measures that will always remain essential.
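The check that this training asks people to perform by eye, comparing a sender or link against the real company's domains, can also be automated. The following is an added example, not code from the article; the trusted domains, the small character-substitution map and the threshold of two edits are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

TRUSTED = {"example.com", "example-corp.com"}  # hypothetical company domains

# Small illustrative map of digits often substituted for letters in lookalike domains.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def host_of(url_or_addr):
    """Lower-cased host taken from a URL or from the domain part of an email address."""
    s = url_or_addr.strip().lower()
    if "://" in s:
        return urlsplit(s).hostname or ""
    return s.rsplit("@", 1)[-1]

def classify(url_or_addr, trusted=TRUSTED):
    """Return 'trusted', 'lookalike' or 'unknown' for a sender address or link."""
    host = host_of(url_or_addr)
    if any(host == t or host.endswith("." + t) for t in trusted):
        return "trusted"
    # Naive registrable domain: the last two labels (assumes no multi-part TLDs).
    base = ".".join(host.split(".")[-2:])
    for t in trusted:
        if base.translate(CONFUSABLES) == t.translate(CONFUSABLES):
            return "lookalike"        # digit-for-letter swap, e.g. 1 for l
        if edit_distance(base, t) <= 2:
            return "lookalike"        # one or two typos away from a trusted domain
        if t in host:
            return "lookalike"        # trusted name used as a subdomain of another site
    return "unknown"

# Constructed sample inputs.
SAMPLES = [
    "ceo@example.com",
    "https://login.example.com/reset",
    "ceo@examp1e.com",
    "https://example.com.account-verify.net/login",
    "news@unrelated.org",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{classify(s):10} {s}")
```

An edit-distance threshold will misfire on very short domains, so a "lookalike" result is a prompt for review rather than a verdict.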