The SlashNext State of Phishing Report for 2023 reveals a significant increase in phishing attacks [1] [3] [7], attributed to the use of generative AI tools [1] [5] [7]. This report highlights the need for understanding the dangers of AI-generated threats and responding appropriately [1].
Description
The report shows a staggering 1,265% surge in phishing attacks from Q4 2022 to Q3 2023 [4], driven by the use of generative AI tools like ChatGPT [1] [2] [6]. These tools enable cybercriminals to create sophisticated and targeted phishing messages [1]. Credential phishing attacks have also increased by 967% [5], serving as the primary access point for organizational breaches [1]. The report identifies an average of 31,000 daily phishing attacks, with 68% being text-based Business Email Compromise (BEC) attacks [1] [6]. Mobile-based attacks [2] [3] [4] [5] [6] [7], including SMS phishing (smishing) [4] [7], account for 39% of these attacks [7]. The emergence of “Dark LLMs,” malicious chatbots, and AI jailbreaks are mentioned as contributing factors to the rise in phishing [4]. A survey of over 300 cybersecurity professionals reveals that close to half have experienced a BEC attack, 77% have been targeted by phishing attacks [4], and 28% have received phishing messages via text [4]. The use of AI in phishing attacks allows for the creation of convincing profiles and text [4], as well as the development of malware [4]. However, AI can also be used for defense against these sophisticated attacks [4], with effective training proving successful against AI-generated threats. The report emphasizes the evolving threat landscape and the importance of organizations responding appropriately [7]. It predicts an increased demand for AI-driven cybersecurity solutions and emphasizes the need for collaboration between AI developers [3], cybersecurity professionals [2] [3] [4], and policy makers [3]. The findings highlight the potential societal impact of AI-fueled cybercrime [3], leading to changes in digital communication practices [3]. The report’s accessibility and clear explanations make it valuable [3], although some technical terms may be unfamiliar to those outside the cybersecurity field [3]. The global implications of phishing attempts targeting individuals and organizations worldwide are significant and could impact the AI investment landscape [3], emphasizing the necessity of investing in AI-driven cybersecurity solutions [3].
Conclusion
The report underscores the need for understanding and addressing the true dangers of AI-generated phishing attacks. It highlights the importance of organizations responding appropriately to these threats and predicts an increased demand for AI-driven cybersecurity solutions. Collaboration between AI developers [3], cybersecurity professionals [2] [3] [4], and policy makers is crucial in mitigating the evolving threat landscape. The potential societal impact of AI-fueled cybercrime necessitates changes in digital communication practices [3]. Investing in AI-driven cybersecurity solutions is essential to protect individuals and organizations worldwide and to safeguard the AI investment landscape.
References
[1] https://www.investorsobserver.com/news/qm-pr/8271476438300710
[2] https://vmblog.com/archive/2023/10/30/slashnext-s-2023-state-of-phishing-report-reveals-a-1-265-increase-in-phishing-emails-since-the-launch-of-chatgpt-in-november-2022-signaling-a-new-era-of-cybercrime-fueled-by-generative-ai.aspx
[3] https://starlane.ai/news/2023-10-slashnexts-2023-state-of-phishing-report-r/
[4] https://siliconangle.com/2023/10/30/slashnext-report-uncovers-1265-increase-phishing-emails-year/
[5] https://cybersecurity-see.com/report-shows-1265-increase-in-phishing-emails-linked-to-chatgpt/
[6] https://finance.yahoo.com/news/slashnexts-2023-state-phishing-report-152000834.html
[7] https://www.infosecurity-magazine.com/news/chatgpt-linked-rise-phishing/