Wednesday, December 6, 2023

New Phishing Attacks Using ChatGPT to Develop Sophisticated Campaigns

By Guru baran

New Phishing Attacks

Phishing has been one of the greatest threats to organizations, growing year after year. Phishing attacks have contributed to 90% of data breaches in the past few years, which makes cybercriminals adapt to them, making their attacks much more successful.

Zscaler has published a report indicating an increase of 47.2% in global phishing attacks. These include smishing (SMS), Vishing (VoIP), emails, Adversary-in-the-middle (AiTM, used to bypass Multi-factor authentication), and Phishing-as-a-Service (PaaS)-based attacks.

Since the COVID-19 pandemic, businesses have adapted to remote working, giving threat actors a much larger attack surface to conduct their criminal activities.

Due to business purposes, organizations have been using several communication methods like email, SMS, voice communications, etc., 

However, cybercriminals target and exploit every communication method, resulting in ransomware attacks or data breaches. As per reports, the most targeted industries are 

  1. Education (25.1%)
  2. Finance and insurance (16.6%)
  3. Government (13.8%)
  4. Other (10.5%)
  5. Health Care (8.9%)
  6. Manufacturing (8.8%)
  7. Retail Wholesale (6.4%)
  8. Services (5.7%)
  9. Technology communication (4.1%)

Compared to 2022, attacks on the education industry have increased by a massive amount of 576%, whereas retail and wholesale have dropped by 67% compared to 2021.

Zscaler stated that these attacks are based on analyzing 280 billion everyday transactions and 8 billion blocked attacks.

Other targets include Microsoft (41.4%), OneDrive (23.4%), Sharepoint (5.1%), Binance (crypto exchange, 23.4%), and other illegal streaming services (6.7%).

Imitated brands

The report also stated that these threat actors had used phishing kits and chatbot AI tools like ChatGPT. AI tools are being manipulated into creating sophisticated phishing campaigns cybercriminals use to bypass several security measures.

Zscaler reports suggesting organizations implement a Zero-Trust policy to verify every network, user, application, and device before they are authorized to access sensitive data.

Building Your Malware Defense Strategy – Download Free E-Book

Managed WAF Protection

Website

Latest articles

cyber security

BlueNoroff: New Malware Attacking MacOS Users

Researchers have uncovered a new Trojan-attacking macOS user that is associated with the BlueNoroff APT...
cyber security

Serpent Stealer Acquires Browser Passwords and Erases Intrusion Logs

Beneath the surface of the cyber realm, a silent menace emerges—crafted with the precision...
Cyber Attack

Doppelgänger: Hackers Employ AI to Launch Highly sophistication Attacks

It has been observed that threat actors are using AI technology to conduct illicit...
cyber security

Kali Linux 2023.4 Released – What’s New!

Kali Linux 2023.4, the latest version of Offensive Security's renowned operating system, has been...
cyber security

Trickbot Malware Developer Pleads Guilty & Faces 35 Years in Prison

A 40-year-old Russian national, Vladimir Dunaev, pleaded guilty for developing and deploying Trickbot malware....
cyber security

ICANN Launches RDRS to Assist Law Enforcement Agencies to Discover Private Info

ICANN is a non-profit organization that is responsible for coordinating the global internet's-DNSIP address...
cyber security

Hackers Use Weaponized Documents to Attack U.S. Aerospace Industry

An American aerospace company has been the target of a commercial cyberespionage campaign dubbed...
Guru baran
Guru baranhttps://gbhackers.com

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Register Your Spot

Related Articles

Connect with GBHackers On Security

Join 70,000 Security Professionals

Stay safe online with free daily cybersecurity updates. Sign up now!

GBHackers on security is a highly informative and reliable Cyber Security News platform that provides the latest and most relevant updates on Cyber Security News, Hacking News, Technology advancements, and Kali Linux tutorials on a daily basis. The platform is dedicated to keeping the community well-informed and up-to-date with the constantly evolving Cyber World.

Menu

Contact US:

[email protected]