Skip to content

At The Identity Organisation, we're here to help!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Unwrapping the Threat: AI-Powered Phishing Attacks Take Center Stage in 2023 Holidays

    As the holiday season approaches, so does the annual surge in online shopping and holiday package tracking. Unfortunately, this joyous time has also become a prime hunting ground for cybercriminals.

    In a concerning development, cybersecurity experts are sounding the alarm about a new weapon in the phishing attackers’ arsenal: generative artificial intelligence (AI).

    In this blog post, we explore the rising threat of AI-powered phishing attacks during the 2023 holiday season and the efforts taken by cybersecurity organizations to counteract these malicious activities.

    The Growing Menace

    Inbox defenders are raising red flags about the integration of generative AI into phishing attacks, providing attackers with a potent tool to exploit the hustle and bustle of holiday-related online activities. With consumers and companies set to spend a record $270 billion in online shopping, the stakes are higher than ever.

    The Super Bowl of Cybercrime

    Online holiday fraud has become a lucrative event for cybercriminals, akin to the Super Bowl. In 2022, scammers in the United States alone pocketed more than $73 million during the holiday season according to the FBI. This number is expected to rise, considering the 1,265% uptick in phishing email attacks observed in the past year, a surge researchers attribute to the involvement of AI.

    ChatGPT and FraudGPT

    Cybercriminals have leveraged AI tools like ChatGPT for years, and malicious spin-offs like FraudGPT are making phishing and spear phishing attacks more efficient. IBM X-Force researchers found that ChatGPT is nearly as effective as human experts in crafting convincing phishing emails, but it takes only a fraction of the time. This trend is particularly dangerous during the holidays, as spear phishing attacks spiked by over 150% the week before Christmas, according to Barracuda Networks.

    AI’s Dangerous Capabilities

    Generative AI tools can smooth out spelling and grammar mistakes, historically dead giveaways for scam emails. Additionally, they can create more convincing mimics of legitimate websites, making it challenging for users to distinguish between real and fake sites. “12 Frauds of Christmas” for 2023 include classic tactics like fake delivery tracking links, charity scams and gift card scams, but with the added twist of generative AI, both volume and success rates are poised to increase.

    As the 2023 holiday season approaches, the convergence of festivities and online activities creates a ripe environment for cybercriminals. The integration of generative AI into phishing attacks poses a new and potent threat. However, with the proactive efforts of implementing security measures such as new-school security awareness training for your organization, there is hope for a safer online holiday experience. Stay vigilant and teach your users best cybersecurity practices to ensure a secure and joyful holiday season!

    KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

    SC Media has the full story. 


    Free Phishing Security Test

    Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

    Here’s how it works:

    • Immediately start your test for up to 100 users (no need to talk to anyone)
    • Select from 20+ languages and customize the phishing test template based on your environment
    • Choose the landing page your users see after they click
    • Show users which red flags they missed, or a 404 page
    • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
    • See how your organization compares to others in your industry

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/phishing-security-test-partner?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top