By 2023, an alarming 94% of businesses had been affected by phishing attacks, a staggering 40% increase from the previous year, according to.
As cybercriminals increasingly rely on social engineering tactics to exploit human vulnerabilities, the rise of phishing attacks has become a pressing concern for individuals and organizations alike. With the ever-growing reliance on digital communication, phishing scams are capitalizing on our natural inclination to trust and respond to familiar emails from seemingly legitimate senders. One common tactic used by cybercriminals is the adoption of generative AI, which has significantly simplified the process of creating convincing content, such as malicious emails, that can be employed in sophisticated phishing attacks. Moreover, AI-powered malware is often used by risk actors to compromise the security of targeted computer systems and servers, frequently deployed as part of sophisticated phishing operations.
The rise of cloud-based infrastructure, or PhaaS, is another significant factor in explaining why phishing threats have reached an all-time high. PhaaS’s permissive nature allows nefarious actors to hire expert hackers and orchestrate sophisticated phishing attacks on behalf of clients, making it surprisingly easy for anyone harbouring a grievance or seeking financial gain to execute elaborate phishing schemes with devastating consequences.
Phishing attacks have become increasingly sophisticated and adaptable.
To fully grasp the phishing phenomenon’s upward trajectory, it’s essential to scrutinize how threat actors leverage AI and PhaaS to adapt swiftly to shifting circumstances, thereby amplifying their operational tempo.
Prior to the advent of generative AI, the laborious and time-consuming process of creating phishing content manually significantly hindered malicious actors’ ability to swiftly respond to emerging opportunities and execute high-caliber campaigns. Without PhaaS options, teams struggling to tackle phishing attacks in a company often lacked a swift and straightforward approach to launching an attack. Despite recent advancements, indications are now suggesting a shift in this trend.
See trending phishing and impersonation tactics, methods, and procedures in cybersecurity?
Evolving Phishing Threats Targeting Emerging Situations
Phishing thrives on exploiting current events and societal emotions, preying on individuals’ vulnerabilities during periods of heightened excitement or concern. In relation to evolving scenarios, specifically like the CrowdStrike “Blue Screen of Death” (BSOD), that’s indeed a pertinent observation.
Phishing expeditions often follow in the aftermath of a major IT meltdown like the notorious CrowdStrike BSOD incident.
On July 19, cybersecurity firm CrowdStrike inadvertently triggered a Windows malfunction that caused blue screens of death (BSODs), leaving users perplexed.
CrowdStrike quickly addressed the issue, but not before threat actors started launching phishing attacks targeting individuals and organizations seeking answers about the outage. Following the CrowdStrike incident, Cyberint promptly detected multiple instances associated with it throughout the first day. Two or more of these domains appear to have been copying and sharing CrowdStrike’s workaround repair, seemingly attempting to elicit donations via PayPal. Following digital clues, cybersecurity experts at Cyberint tracked the anonymous donation trail to a software developer, Aliaksandr Skuratovich, whose online presence also featured the suspicious website on his LinkedIn profile.
The organization has undertaken several initiatives to capitalize on the momentum generated by the CrowdStrike incident, including a crowdfunding campaign aimed at raising funds for a project whose origins lie outside its direct purview. Various typo-squatting domains falsely advertised the availability of a complimentary repair, which could be obtained directly from CrowdStrike, in exchange for payments of up to €1,000. However, organisations had already fallen victim to the domains before they were taken down. According to Cyberint’s assessment, the cryptocurrency wallets associated with the scheme amassed approximately €10,000.
Cybercriminals’ Tactics: Phishing Attacks Triggered by Specific Situations
On specific instances, the attacks often become more frequent and elaborate. In the aftermath of unexpected events like the CrowdStrike outage, malicious actors are afforded more time to regroup and coordinate their efforts.
Phishing on the Olympics
As the 2024 Olympics in Paris approached, phishing attacks were successfully linked to real-world events, highlighting threat actors’ ability to launch sophisticated campaigns tied to current affairs.
One instance of fraudulent activity targeting the vulnerable demographic is Cyberint’s claim that recipients had won video game tickets. They feign a requirement for a nominal payment to cover the supposed ticket procurement costs, attempting to dupe unsuspecting victims into parting with their money.
If users provided their financial information to complete a transaction, malicious actors exploited this data to mimic victims’ identities and conduct unauthorized transactions using their compromised accounts?
In another notable case of Olympic-themed phishing, cybercriminals in March 2024 launched a convincing website that purportedly sold tickets to eager buyers. Despite appearances to the contrary, it was all an elaborate deception.
Despite lacking a rich history, the website’s prominent online presence, driven by high Google search rankings, significantly increased the likelihood that unsuspecting ticket seekers searching for Olympics tickets online would become preyed upon by scammers.
Phishing and soccer
During the event, malicious cyber actors launched numerous fraudulent mobile applications that masqueraded as the official UEFA entity, which organised the competition. Given the group’s official title and brand were prominently featured in the apps, it was likely intuitive for many people to assume that the organization was professional.
Notably, these apps were not hosted within the proprietary stores operated by Apple and Google, which typically identify and remove malicious applications; however, there is no guarantee that this process occurs promptly enough to prevent exploitation. While previously available through unregulated third-party app stores, these apps became harder for users to find – but many mobile devices lacked controls to block them if someone attempted to download malicious software from an unofficial store by browsing directly to the source.
Phishing and recurring occasions
As recurring events unfold, cybercriminals are well aware of how to capitalize on circumstances to orchestrate sophisticated and high-impact attacks.
Card fraud, a pervasive issue in e-commerce, involves the unauthorized use of payment cards to make purchases or obtain goods. Scammers may exploit vulnerabilities in online transactions, such as fake websites, to steal sensitive financial information. To combat this, merchants must ensure robust security measures are in place, including encryption and secure servers.
Another type of fraud is non-payment scams, where criminals pose as customers and request refunds or chargebacks for purchases they never actually made. These scammers may use stolen identities or compromised accounts to facilitate their schemes.
Order receipts can be a valuable tool in detecting fraud, as they provide a paper trail of transactions. However, it’s crucial to verify the authenticity of these documents to avoid falling prey to fraudulent activities. So beware of phishing scams that attempt to trick individuals into applying for fake seasonal jobs as a way to obtain their personal information?
As holiday season approaches, the perfect conditions are created for phishing scams to thrive due to the surge in online shopping, irresistible deals, and an influx of promotional emails. .
Phishing attacks exploit human psychology by creating a sense of urgency, making victims more likely to act impulsively.
Unfortunately, the proliferation of AI-powered and PhaaS-based solutions has inadvertently amplified the ease with which phishers operate, prompting us to anticipate that threat actors will increasingly leverage such tactics.
Here are some methods companies and people can take:
While companies cannot eliminate all cyber threats, they can proactively anticipate and prepare for predictable spikes in attacks driven by specific events or seasonal patterns, thereby reducing the risk of successful breaches.
During instances of heightened sensitivity, they will provide training to both employees and customers on being more vigilant in their responses to content tied to ongoing events.
While AI and PhaaS have amplified the ease of phishing attacks, organisations and individuals can still fortify their defences against these risks. By grasping the tactics employed by risk actors and deploying effective safeguards, the likelihood of falling prey to phishing attacks can be significantly reduced.
