Hackers are using generative AI for phishing and spear phishing campaigns. Learn more here!
GenAI is growing, and with it, new attack vectors are also on the rise. Since generative AI has fueled a quick rise of websites, applications, and platforms and introduced vibe coding, attackers are getting into the game with phishing, spear phishing, and other campaigns. Here’s what you need to know.
How are Attackers Using AI for Phishing Campaigns?
Since AI assistants are already being used to assist with generating code and they can answer all kinds of questions by developers and beyond, security companies are noticing an increase of threat actors using popular AI-powered website builders allowing them to enter a prompt and build and publish websites without any ID, phone, or email verification. Those websites are then being used for phishing and spear phishing campaigns as well as other things.
Research by Palo Alto Networks
According to Unit42 of Palo Alto Networks, nefarious parties are increasingly using prompts to quickly craft and publish phishing and spear phishing websites with images and text identical to that of their target. According to the company, in May of this year alone there have been numerous examples of AI-powered generated landing pages that were being used for phishing and theft of credentials. One of such websites can be seen below:
Websites or applications built by GenAI to accelerate phishing or spear phishing campaigns fall into multiple categories with these being websites or apps that provide coupons to buy something for cheaper, websites or apps that provide easy access to gift cards, or other things.
Researchers from Palo Alto Networks have also discovered that free AI website generators could be used to impersonate companies like Palo Alto Networks themselves and with a prompt including a business or project name, its description, and concrete details on the style and the content that should be included on the website, they have created a staging environment for a website impersonating Palo Alto Networks.
AI has even generated a convincing description of Palo Alto Networks, further easing the impersonation efforts and also included links to different pages that contained descriptions of firewalls, cloud security solutions, and threat intelligence-related services. Researchers have even determined that AI solutions could craft fake gift card sites that are spoofing popular vendors. Combine that with spear phishing efforts undertaken by attackers, and it’s easy to see how people fall for such things.
Palo Alto Networks has also identified a couple of real-world URLs that were used for phishing campaigns with messages that led to websites that would steal user credentials.
How to Stay Safe From Phishing and Spear Phishing?
To stay safe from phishing and spear phishing campaigns like these, always verify that the URL you are visiting is indeed the website that you want to visit, verify that the information displayed on the website is authentic (Googling will do), and make sure to follow proper security practices when browsing the web and being offline.
Websites that provide the ability to check whether your data is in danger are a great way to do that: data breach search engines like BreachDirectory.com will allow you to check whether your personal information (email addresses, usernames, IP addresses, or other information), are compromised in any known data breaches, and also allow you to search through a variety of other data sources such as Pastebin and YCombinator data to conduct further due diligence on IP addresses, email addresses, or other data sources.
Summary
Generative AI services are not only used to assist developers in writing code and generating applications. Attackers, understandably, are getting into the game as well and with researchers like Palo Alto Networks identifying that their campaigns already include phishing websites and websites selling/giving away gift cards, things are not looking too good.
On the other hand, there are ways to protect yourself. Tread the Web carefully, peruse data breach search engines if you have the need to do so, and until next time.
FAQ
What is Spear Phishing and Why Is It Dangerous?
Spear phishing is a type of a phishing attack where attackers are aiming to induce an individual to reveal confidential information by sending emails that appear to originate from a trusted source.
How are Attackers Using AI for Phishing Campaigns?
According to researchers from Palo Alto Networks, attackers are using GenAI services to craft websites impersonating their target with an aim to steal sensitive information of interest to themselves. Attackers are also using spear phishing to induce targeted individuals to reveal confidential information.
How to Keep Safe from Spear Phishing Campaigns?
To keep yourself safe from phishing and spear phishing campaigns like the ones depicted above, verify the URLs of the websites you visit to make sure it’s safe to provide information to them and be cautious while surfing the Web in general. Data breach search engines can assist you in doing just that by allowing you to check whether you are safe from identity theft or not.
Why Should I Use BreachDirectory.com?
Consider using data breach search engines like BreachDirectory.com because such data breach search engines allow you to check whether your personal information is at risk by allowing you to search for email addresses, usernames, or IP addresses, as well as other sensitive information or help you investigate cybercrime if you’re already fallen victim to identity theft or other attacks.