In 2023, phishing attacks saw a significant increase, affecting a large majority of businesses. This surge was fueled by the use of AI and PhaaS by threat actors.
Description
In 2023, phishing attacks surged by 40% [1] [2], impacting 94% of businesses, with AI and PhaaS playing a significant role in the increase. Threat actors are leveraging generative AI to easily create phishing content [1], while PhaaS enables the hiring of skilled attackers for campaigns [2] [3]. Phishing campaigns have become more agile [1], responding swiftly to events like the CrowdStrike BSOD incident and upcoming events such as the 2024 Olympics and UEFA Euro 2024 [3]. Phishers also target recurring events like the holiday season to carry out attacks [1]. Businesses can mitigate the risk by educating employees and consumers to be cautious with current event-related content and implementing robust security measures [1].
Conclusion
The rise in phishing attacks in 2023, driven by AI and PhaaS, poses a serious threat to businesses. To combat this, organizations must prioritize educating their employees and consumers on the risks associated with phishing attacks and implement strong security measures. Looking ahead, it is crucial for businesses to stay vigilant and proactive in protecting themselves against evolving phishing tactics.
References
[1] https://thehackernews.com/2024/08/how-phishing-attacks-adapt-quickly-to.html
[2] https://nsaneforums.com/news/security-privacy-news/how-phishing-attacks-adapt-quickly-to-capitalize-on-current-events-r24906/
[3] https://cyberdaily.co.uk/2024/08/12/how-phishing-assaults-adapt-shortly-to-capitalize-on-present-occasions/
