Phishing attacks are become more prevalent as threat actors are arming themselves with potent new tools, according to security vendor Egress, who says that in the second quarter of the year, it recorded a 28% jump in recorded phishing attempts.
Researchers noted that the nature of the attacks is pretty much in line with previous quarters despite the growth attack volume. Most threat actors continue to rely on the tried-and-true tactics of using a compromised account and a bit of social engineering to lure their targets.
“44 percent of attacks were sent from compromised accounts to help them bypass authentication protocols, with 8% originating from an account within an organization's supply chain,” said Egress.
“The most prevalent payloads in these emails were hyperlinks, found in 45 percent of cases, followed by attachments, which appeared in 23 percent of the phishing emails.”
What stuck out to the researchers was some of the new technologies that are available to threat actors. Egress said that analysis of phishing kits being offered for sale on the dark web found that 75% advertised some sort of AI capability, and 82% offered deepfake creation features.
“One of the most troubling findings is the rapid commoditization of AI in phishing toolkits, which is putting advanced threats into the hands of less sophisticated cybercriminals,” explained Egress senior VP of threat intelligence Jack Chapman.
“Organizations must respond by adopting advanced AI defenses that effectively counter these evolving threats; while ensuring they aren’t introducing new vulnerabilities by using AI for AI’s sake.”
That phishing attackers would look to integrate AI into their arsenal of fraud tools is worrying, but not entirely surprising. With developers and software vendors looking to integrate AI into their own projects, experts said it was only a matter of time before threat actors would do the same.
“As the old saying goes, 'the only constant is change,' and this is especially true in cybersecurity. As cybercriminals pivot away from one tactic that is no longer reaping the same rewards, a new one pops up to take its place,” noted Chapman.
“However, the report highlights one enduring reality: modern phishing threats are increasingly driven by impersonation tactics, which have become the backbone of many advanced and targeted attacks against organizations.”
