As cybercriminals leverage tools like generative AI, making attacks easier to execute and with a higher degree of success, phishing attacks continues to increase in frequency.
I’ve been covering the cybercrime economy’s use of AI since it started.
I’ve pointed out the simple misuse of ChatGPT when it launched, the creation of AI-based cybercrime platforms like FraudGPT, and how today’s cybercriminal can basically create foolproof malicious content. Now we’re seeing the fruits of that labor.
According to cybersecurity vendor Perception Point’s 2024 Annual Report: Cybersecurity Trends & Insights, phishing attacks represent 70.8% of all advanced attacks via email (business email compromise or BEC) and 79,8% of web browser-based attacks.
But the interesting caveat is how all of these attacks have been “enhanced” (as Perception Point puts it) by generative AI. According to their analysis, only 1% of attacks in 2022 utilized GenAI. But that number last year jumped to 18.6% - a 1760% increase!
I expect that number to continue to jump this year and, potentially, just as large an increase, given the popularity of GenAI and the increasing preponderance of maliciously-intended AI-based platforms.
But in the end, much of the output of AI in these circumstances is just really good phishing emails. So, it becomes that much more imperative that employees be enrolled in new-school security awareness training so they can interact with every email with a sense of vigilance and scrutiny, helping to reduce the likelihood of a successful phishing attack.
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
