Lines overlay image

Blog | 3-minute Read

The AI phishing threat: Don't get reeled in

"

David Guest

Solution Architect & Technology Evangelist

Published: 17 April 2023

Hacking groups have become multi-billion dollar enterprises. And, like any ambitious organisation, they’re always looking to improve and take advantage of new tools. Like AI chatbots. 

Unless you’ve been deliberately staying away from the news, you’re likely aware of the explosion in popularity of AI chatbots.

They’ve been predicted to completely revolutionise the world. Everything from writing marketing copy in seconds, to fundamentally changing how search engines work.

The potential they have to facilitate business growth at scale and for increased productivity is massive.

However, with new technology comes new threats. And new opportunities for bad actors to exploit.

Smarter phishing makes you more likely to take the bait

Phishing emails are a well-established tool for the cyber criminal.

Half of all adults in England and Wales reported receiving a phishing email1 last year, while UK businesses have identified phishing attempts as the most common form of cyber threat2.

They’re remarkably successful, too. Recent statistics suggest phishing emails have an open rate as high as 30%3.

Traditionally, phishing emails have been easy to spot. They were usually riddled with poorly written English, grammatical errors, and poor spelling.

However, phishing emails written with AI Chatbots are grammatically correct. And have none of the poor English or poor spelling of their predecessors.

You also don’t need any expert knowledge to use AI Chatbots. You don’t even need to speak or write in English fluently. The more sophisticated AI Chatbots can translate from almost any language.

Because of these advances, the latest phishing emails have become so sophisticated that people fail to identify the malicious ones. 97% of people globally can’t identify phishing emails correctly4.

Not only are hackers using AI to write sophisticated emails. They’re also applying the tech to constantly refine and make their messages ever harder to detect. 

The Ultimate Guide to Microsoft Enterprise Security

Microsoft security simplified. Download your 40-page guide.

With AI-Phishing, it’s a matter of scale

AI tools can use large datasets to generate hundreds, if not thousands of personalised phishing emails to flood user inboxes.

They’re not just fooling spam filters, they’re overwhelming them and IT departments with volume.

Even well-trained employees will find it difficult to cope with the higher volumes of phishing emails that are expected to come.

AI Chatbots are now so sophisticated they can generate usable code. Which enables them to create more convincing spoofed landing pages and invoices.

By 2025, the consumerisation of AI-enabled fraud will fundamentally change enterprise attack surface.

Gartner predicts, 2023

So, how do you fight against sophisticated AI tools?

One effective solution is to send your own sophisticated AI tools into battle.

AI-driven anti-phishing technology can be applied. It can detect anomalies across hundreds of thousands of emails, spotting patterns at speed and at scale.

What about your users or employees?

Well, cyber awareness training has never been more important.

Companies shouldn’t neglect employee education on the latest AI-generated phishing strategies. And should encourage them to always report suspicious emails.

Plus, maintaining good digital hygiene and a zero trust mindset is crucial to combatting phishing attempts.

Your employees should be mindful of how much information they willingly offer up on things like social media. This leaves them vulnerable to spear phishing.

You never know what a determined cyber criminal – armed with a little information and an AI Chatbot – can do with it.

Next steps

The Ultimate Guide to Microsoft Enterprise Security

Microsoft security simplified. Download your 40-page guide.

tag icon

Great emails start here

Sign up for free resources and exclusive invites

Subscribe to the Kocho mailing list if you want:

  • Demos of the latest Microsoft tech
  • Invites to exclusive events and webinars
  • Resources that make your job easier
Butterfly overlay image
"

Author

David Guest

David Guest is Kocho’s Solution Architect & Technology Evangelist. He’s responsible for developing identity, Microsoft 365 security, and other cloud service solutions – and keeping our clients abreast of the latest technology trends.

Butterfly overlay image

Got a question? Need more information?

Our expert team can help you.