Cyber toolkits for threat actors are now harnessing the latest deepfake technology and artificial intelligence (AI) for targeted email attacks, known as ‘spear-phishing.’ According to cloud cybersecurity firm Egress, a staggering 82 percent of phishing toolkits mentioned deepfakes, and 75 percent referenced AI.
The growing threat presented by the use of deepfakes by cybercriminals was highlighted earlier this year at InfoSecurity Europe in London. Widely available toolkits now enable even relatively unskilled hackers to create highly convincing video and audio clips of chief executives (CEOs) and other senior staff members in any specific organization. All the threat actor needs is a short video clip of the person they wish to impersonate. This can easily be copied from a corporate seminar or from a video podcast.
For example, a staff member working in accounts might receive a phone call or even be invited to a video conference with the organization’s chief finance officer (CFO). Unaware that they are actually holding a conversation with an unscrupulous fraudster whose aim is to attack their company and defraud it of revenue. All the threat actors posing as the CFO or a similar trusted executive need do is instruct the unsuspecting staff member at the other end of the call to make a cash transfer to a new account. Another ploy is simply to tell the hapless employee to open a secretly weaponized link to an apparently harmless website. The threat actor then unwittingly downloads malware to the target organization, facilitating a wide number of potential cyber-attacks.
Nine in ten phishing emails involve impersonation
Egress’s latest Phishing Threat Trends Report (October 2024) reports that almost nine in ten, 89 percent, of phishing emails involve the impersonation of a key individual, such as a trusted colleague of the fake email recipient. One in ten spear-phishing attacks, nine percent, rely solely on social engineering techniques. ‘Social engineering’ refers to the process of online intelligence gathering employed by threat actors prior to a targeted spear-phishing attack.
Until now, social engineering of this type was a lengthy and fairly skilled process involving trawling numerous social networks to painstakingly build a detailed profile of the targeted member of staff. But off-the-shelf phishing kits now provide AI tools that can accomplish this profiling process in seconds rather than hours or days.
This has enabled threat actors to scale up the volume of their spear-phishing attacks exponentially. Egress reports a 28 percent increase in phishing emails sent between April 1st – June 30th vs January 1st – March 31st, 2024, with June seeing the highest volume of phishing emails.
