The growth of artificial intelligence (AI) has started to take over the technological world, with many individuals using this function with good intentions; however, cybercriminals have recognised the potential AI has in aiding their criminal antics. Phishing campaigns have become one of the most recent concerns involving the use of AI, especially as due to the recent improvement in this technology, it has caused AI-generated phishing emails, leading to great difficulties in detecting these scams.
For example Egress researchers published in their most recent report that AI detectors cannot tell if a phishing email has been written by a fellow AI system or a human in 71.4% of the time. The reason for these results, is that AI detectors are generally more accurate with longer sample sizes, the minimum of 250 characters being needed for this function to work accurately. However, 44.9% of phishing emails fall below the minimum character requirement, hence the lower reliability in AI phishing email detection.
Phishing volumes, on average, have not increased, but it is the new obfuscation and AI methods that we need to be careful of as it is making phishing emails bypass security systems much easier, causing security defences to be less efficient. Keep on following the advice below as staying vigilant and aware is one if the best ways to keep yourself and your data safe from cybercriminals.
Use Two-Factor Authentication (2FA): Enable 2FA wherever possible. This adds an extra layer of security even if your password is compromised.
Keep Software Updated: Regularly update your operating system, antivirus software, and other applications to ensure you're protected against known vulnerabilities.
Educate Yourself: Stay informed about the latest phishing techniques and trends. Universities often provide resources to help you recognise and report phishing attempts.
Verify Requests: If you receive an email requesting personal information or action, independently verify its authenticity by contacting the organisation directly through official channels.
Report Suspicious Emails: If you receive a suspicious email, report it to your university's IT department or the relevant authority. This can help protect others from falling victim.
You can report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online.
Forward suspicious emails to firstname.lastname@example.org and report SMS scams by forwarding the original message to 7726.