GENERATIVE AI IS ADVANCING PHISHING ATTACKS, HOW CAN YOU PROTECT YOUR BUSINESS?
The past year has already seen major advancements in the field of Generative AI and Large Language Models such as ChatGPT, Microsoft Bing Chat Google Bard, Facebook LLaMA and many other independent models. An unfortunate side effect of the rise in the use of Generative AI, is its use for malicious purposes such as Anti-Virus Signature Avoidance, Assistance in Creating Malware, and its use in making Phishing and Social Engineering Attacks. Despite this, there are a few common signs you can look out for, let's take a closer look at some of these;
1. Scrutinising Sender Details
Domain Spoofing - One way that attackers attempt to be able to gain your trust through phishing attacks is through “Domain Spoofing.” This is a method by which attackers will send emails from an address that, at first glance, may appear to be from a trusted source. However, the email address domain is slightly different, substituting a letter for a number or character that looks similar.
For example;
support@goog1e.com - Using a “1” instead of a lower case “L” to emulate support@google.com. Whilst this may be an easy example to spot for many, other examples are not as easy to spot.
Which of the following is the correct email address?
While all of these may look correct for an Amazon email address is actually the middle example.
1. noreply@αmαzon.com uses the Greek letter “α” or Alpha.
3. noreply@аmаzon.com uses the Cyrillic letter “а” which in some fonts looks exactly like a regular lowercase “A”.
Display Name Spoofing
Another method which attackers often use to appear as trustworthy is “Display Name Spoofing.” When receiving an email from noreply@amazon.com this may appear as “Amazon Support” in your email Inbox, this is because “Amazon Support” is the “Display Name.”
However, attackers often use the Display Name to show an email address to appear as legitimate. For example;
Display Name: noreply@amazon.com
Email Address: fakeemail@fakedomain.com
Unless you were to click on the “Display Name” you may believe that this has come from Amazon. As such it is always important to scrutinise the senders' details of an email, especially if the request is unusual, such as asking for payment, signing into an account, stating an account is on hold, linking to a download and more.
2. Unusual Requests or Warnings
Genuine businesses or organisations will not request sensitive information such as Passwords, Credit Card Details, National Insurance Numbers and so on via email. Similarly, Businesses will not ask you to click on a link to sign into a Microsoft Account to download a simple PDF or Word Document. The only exception to this rule may be if a user is sharing a SharePoint/OneDrive file/folder access with you which they would have otherwise informed you of in advance. Any emails demanding “immediate action” or instilling a sense of urgency are frequently signs of a phishing attempt. Be wary of threats like account closure or warnings of unauthorized activity, designed to frighten victims into acting swiftly and without due consideration.
3. Spelling and Grammar Errors
Phishing emails are known to commonly contain spelling mistakes, grammatical errors, or awkwardly structured sentences that reputable businesses would not send as part of their official communication. However, with the use of Generative AI, this is becoming much harder to spot. Generative AI is being used to produce content quickly and easily in the common style and structure of businesses. By training Generative AI Large Language Models on previous communications from people or companies, it can accurately reproduce realistic-looking content in that same style.
4. Generic Greetings
Most reputable companies personalise their marketing emails and other forms of email communication with the recipient's name from their customer database. Phishing attempts, on the other hand, are more likely to use generic greetings such as 'Dear Customer' or 'Dear Account Holder' as they may not have access to names associated with email addresses. Whilst this is not an accurate indicator of a phishing attack, it is a detail worth keeping in mind that could lead you to check other indicators we have mentioned in this article.
5. Inspection of Links and Attachments
Hyperlinks and attachments are a common method used by attackers to launch attacks on your business. Links are often used to lead you to an illegitimate site, that could be designed to appear like a legitimate one, in an attempt for you to interact with it, download content or steal your sign-in data. These have even been known to be monitored live so that malicious threat actors can prompt you with a multi-factor authentication code in an attempt to gain access to your account in real-time. As such it is always important to scrutinise the URL you are being sent to. The same vigilance should be exercised with attachments. Unless you're expecting a document or receive regular attachments from someone, think twice before opening an unsolicited attachment. Attachments can be used as a method to deliver malware to your device, but also, they have been known to contain their own hyperlinks to avoid link checking within poor email security solutions.
6. Unrequested or Unexpected Emails
It is important to be wary of emails that you are not expecting, especially those purporting to be from government bodies, banks, online stores, cloud storage providers and more. Phishing attempts often masquerade as important or urgent communications requiring “immediate attention.”
How can you protect yourself from evolving Email Security threats?
Recognising common phishing signs is an essential skill in the ever-evolving cyber security landscape. However, knowing the common signs to look for is just the first step to safeguarding your sensitive information, as Cyber Security Threats continue to evolve with the assistance of Generative AI tools, it is becoming increasingly difficult to spot phishing and social engineering attacks. As such it is important to have a strong email security solution in place, our Advanced Email Security solution uses AI, and Machine Learning tools to be able to spot these common types of phishing attacks, even those made with the assistance of Generative AI and much more.
Advanced Email Security can monitor for suspicious language, and requests, if the display name does not match the email or previous communications, it can identify vulnerable people within your business, monitor hyperlinks to ensure they are not designed to capture your data, check attachments for malware and much more besides. If you would like to find out more about our Advanced Email Security Solution visit our Email Security Service page or Contact Us to arrange a Demo.
In the fight against cyber crime, knowledge is power. Stay Safe, Stay Vigilant, Stay Cyber Secure.