- Experts warn phishing emails written by AI seem polite and bypass traditional email filters
- Polymorphic attacks are constantly moving to escape real -time detection
- EXMOSAL EMPLOYER SCREEMENTS Now imitating executives with an almost perfect formatting
We have already said it and we install it. Artificial intelligence changes the face of cybercrime, and phishing is an area where it strikes the most harshly.
The new data from the COFENSE security company have warned that the phishing campaigns supplied by AI are not only more frequent but also much more convincing than ever.
These emails are cleaner, more polite and adapted to deceive even more cautious users, and with generative AI tools now accessible to almost anyone, threat actors evolve their operations at a rate that many companies simply cannot follow.
Very evasive delivery system
In his latest information report on threats, The rise of AI – a new era of phishing threatsCofense details how phishing tactics are evolving at a phenomenal rate.
In 2024, the Cofense Phishing Defense Center detected a malicious e-mail every 42 seconds, many of which have slipped by defenses of the inherited perimeter.
E-mail scams jumped 70% from one year to the next, fueled by AI’s ability to imitate the tone, at the internal e-mail factory and personalize messages with impressive precision.
Messages now have perfect grammar, precise formatting and realistic sender addresses. They often also usurpted the leaders of the C Suite C, respond in existing messaging wires and use Lookalike areas such as “@ consultant.com”.
This evolution towards compromise by e-mail (BEC) has become a major threat. The content generated by AI does not have the revealing signs which previously gave phishers, such as striking faults, spelling errors and clumsy phrasing, often indices that suggest that English may not be the first language of the sender.
Another area of concern, according to Cofense. These constantly evolving attacks modify their content in real time to escape safety tools based on the signature. The object lines, the details of the sender and the text move dynamically, which makes detection with traditional filters almost impossible.
The malware integrated into these emails have also evolved, reports Cofense, with more than 40% of the samples in 2024 being newly observed threats, including a lot of remote access (rats).
How to stay safe
Carefully examine the content of emails: Be skeptical about e-mails involving financial actions, urgent requests or a language outside, even if the formatting seems perfect.
Check internal requests: If an email claims to come from a colleague or a framework, check using known contact methods before acting.
Do not count on appearance: E-mails generated by AI often look impeccable, so focus on context, calendar and content rather than “professional” appearance.
Avoid clicking on the links without verification: Flour the links to check their destination and avoid downloading files from unknown or unexpected messages.
Use safety tools that go beyond the perimeter: Look for solutions that offer a post-literal analysis and a response to threats depending on behavior, not just signatures.
