For years, phishing was just a malicious actor slapping together an extremely generic and poorly-written email and firing it out to thousands of recipients in the hope that a few might take the bait. However, as spam filters and email security tools have improved, threat actors have adapted and began leveraging new techniques. Some of these techniques are spear-phishing and business email compromise. These techniques use more carefully crafted and convincing messages tailored to deceive specific individuals, groups, or organizations. This shift in phishing philosophies has also led to a precipitous decline in the use of malicious payloads (i.e., links or attachments) in phishing emails – presumably to avoid detection from the more capable email security solutions of today. While these techniques have been on the rise for some time, they have always been limited by the time-consuming, labor-intensive processes of researching targets and crafting convincing emails. However, this constraint seems like a thing of the past with the emergence of generative AI (GenAI) effectively flipping the funnel on phishing speed and scale. It has become apparent that the only reliable way to combat these advanced phishing techniques is is to leverage AI and machine learning-enabled email security solutions as defensive measures against this rapidly changing, increasingly-challenging threat landscape.
Read more: https://www.helpnetsecurity.com/2024/01/15/genai-tools-phishing/