AI-Based Phishing Attacks Demand A Multi-Pronged Response

The sophistication of phishing is growing by leaps and bounds. Cybercriminals now use AI to pre-empt identification: their crafty emails no longer contain grammatical mistakes, non-specific greetings, poor-quality company logos and images, or general correspondence, all the things that previously served as “phishing” indicators.

AI Is Changing The Face Of Phishing 

The phishing onslaught will continue in 2025 as criminals further evolve their hoax and deception techniques. We can expect phishing to take some of these key forms this year.

Live phishing is becoming more prevalent. Criminals are creating messages using AI in tune with specific, relevant events, industry developments, and locations, to make messages appear real and trustworthy. 

Chat-based phishing attacks are growing. Advances in natural language models are empowering cybercriminals to design sophisticated phishing strategies using AI chatbots. These intelligent chatbots can dynamically craft personalised and uniquely adapted interactions, making communication nuanced and challenging to identify as they seamlessly adjust responses to victim reactions in real time.

Deepfakes are rapidly becoming easier to create. Attackers are creating exceedingly convincing, difficult-to-detect videos. Likewise, audio deepfakes have become highly sophisticated, with some systems able to clone voices with just a few seconds of sample audio. Especially as short clips, the audio can easily fool listeners, manipulating victims into disclosing confidential information, approving high-value commercial transactions, and more.

Hyper-personalisation is becoming commonplace. Using analytics and advanced data collection techniques, criminals are using AI to create hyper-personalised phishing attacks via communications that reference victims’ recent behaviours, shopping patterns, social media engagement, and so forth. Such customised, deceptive messages are posing growing challenges for detection.

Fake social media accounts, generated with the use of AI, are growing in number. These accounts mimic real users, with criminals using them to engage with potential victims over extended periods of time to garner trust.

Designing malicious websites and links with the help of AI is another technique that is growing in popularity with cybercriminals. These sites are practically impossible to tell apart from legitimate ones, and bypass traditional detection methods. As a result, detection tools aren’t able to flag malicious sites, which is delivering significant success rates for attackers.

Perhaps the most difficult form to identify yet is AI-driven dynamic phishing, where cybercriminals employ real-time monitoring and machine learning to modify their tactics based on victims' responses. The attackers might show hesitation when replying, delay responses, or express doubt to imitate the individual in question. They deceitfully analyse interaction patterns and adjust their strategies along the way to maximise success rates.

The Challenge For Enterprises

Phishing is a social engineering attack that is designed to manipulatively deceive victims. Now, with the use of AI, criminals’ power for deception has grown manifold, rendering traditional approaches ineffective. First and foremost, the strongest line of defense, i.e. the human, is falling prey to scammers as traditional phishing-related training is proving inadequate. Likewise, traditional email security programmes, i.e. those built into the most commonly used email platforms, aren’t able to separate AI phishing attempts from legitimate emails.

Fundamentally, customary approaches to combating AI-driven phishing attacks are insufficient.  

Relying on outdated email security measures and defensive tools that simply react to threats after detection is futile. Data loss prevention alerts and spam filtering solutions are examples. These conventional detection methods lack the advanced and dynamic detection capabilities that AI-powered phishing attacks demand.

Mitigating Strategies For Enterprises

Today, a multi-pronged strategy for mitigating and combating AI-powered phishing attacks is needed. 

First off, security awareness and training continue to play an instrumental role. Employees need to be aware of the latest AI threats, the various types of coercions that can result in the leakage of sensitive business information, and the signs to look out for in today’s world of AI-led deception. This level of heightened awareness is best imparted through training that mirrors real-life attacks. Theoretical knowledge can no longer be the mainstay of cybersecurity programmes.

Technology solutions remain crucial too. Adding data loss awareness tools to the repertoire (in addition to the traditional data loss prevention tools) is useful, as they alert employees before they take action on a potentially risky email, deepfake, chat, and so on.

Adopting the right email threat protection solution is important. Advanced tools offer capabilities such as attachment sandboxing, dynamic link analysis, and remote browser isolation to help contain the spread of malware and viruses often carried in phishing emails, links, and attachments. 

If AI is proving an effective technology for unleashing criminal activity, it should equally be leveraged to defend against those attacks. It can be used very effectively to detect and mitigate sophisticated threats, alongside other layers of security such as continuous monitoring, multi-factor authentication, and independent verification.

Last but not least, a zero-trust philosophy must underpin every cybersecurity strategy. Trust no one, assume the legitimacy of no communication, and verify every single interaction.  

This kind of layered and holistic approach to security offers the best chance of defense in an environment where criminals are weaponising every technology and deploying every trick in the book to deceive, manipulate and attack, for monetary gain and business disruption. 

Oliver Paterson is Director of Product Management at VIPRE Security Group
