Phishing attacks rose by 28% between the first and second quarter of 2024, with 75% and 82% of phishing kits leveraged in such intrusions touting artificial intelligence and deepfake capabilities, respectively, reports SC Media.
Threat actors leveraged compromised email accounts to launch 44% of the attacks between April and June, 8% of which were from a supply chain account, an analysis from Egress revealed.
Moreover, hyperlinks were the most common attack payload while attachments were the second most prevalent phishing email payload. Attackers' utilization of AI in phishing toolkits was regarded by Egress Vice President of Threat Intelligence to be among the "most troubling findings" of the report as it indicates the use of the technology to lower the barrier to entry to cyberattacks.
"Organizations must respond by adopting advanced AI defenses that effectively counter these evolving threats; while ensuring they aren't introducing new vulnerabilities by using AI for AI's sake," Chapman added.
