Skip to content

At The Identity Organisation, we're here to help!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Bruce Schneier: “AI Will Increase the Quantity—and Quality—of Phishing Scams”

    Wow. It does not happen often that the godfather of infosec comes out this strong about phishing risks. He co-published new research in the Harvard Business Review May 30, 2024, which in turn links back to the actual study that was published at the IEEE. This is the best budget ammo I have seen in the last few years. 

    The summary of the article is as follows: “Gen AI tools are rapidly making these emails more advanced, harder to spot, and significantly more dangerous. Recent research showed that 60% of participants fell victim to artificial intelligence (AI)-automated phishing, which is comparable to the success rates of non-AI-phishing messages created by human experts.

    Companies need to:

    1. Understand the asymmetrical capabilities of AI-enhanced phishing,
    2. Determine the company or division’s phishing threat severity level, and
    3. Confirm their current phishing awareness routines.”

    They end off with: “Artificial intelligence, and LLMs in particular, are significantly enhancing the severity of phishing attacks, and we can expect a sharp increase in both the quality and quantity of phishing in the years to come. When targeting human users, AI disproportionately benefits attackers by making it easier and more cost-effective to exploit psychological vulnerabilities than to defend and educate users.

    “Most employees have a digital footprint with publicly available information that makes it easy to impersonate them and create tailored attacks. Therefore, phishing is evolving from mere emails to a plethora of hyper-personalized messages, including falsified voice and video.

    “Managers must correctly classify the threat level of their organization and department to take appropriate action. By raising employee awareness about this emerging threat and equipping them to accurately assess the risk to themselves and their organization, companies can aspire to stay ahead of the curve and mitigate the next generation of phishing attacks, which will claim more victims than ever before.”

    Here is the link to the full article:

    This is a link to the study at IEEE.org

    https://ieeexplore.ieee.org/document/10466545


    Request A Demo: Security Awareness Training

    New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/one-on-one-demo-partners?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top