Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

New AI-Driven Phishing Platform Automates Attack Campaigns

Researchers at Varonis warn of a new phishing automation platform called “SpamGPT” that “combines the power of generative AI with a full suite of email campaign tools.” While previous phishing kits have automated parts of the attack chain, SpamGPT’s sophistication sets it apart from the rest “SpamGPT’s interface and features imitate a professional email marketing service, but for illegal purposes,” Varonis writes.

Attackers Use AI Development Tools to Craft Phony CAPTCHA Pages

Attackers are abusing AI-powered development platforms like Lovable, Netlify and Vercel to create and host captcha challenge websites as part of phishing campaigns, according to researchers at Trend Micro. “Since January, Trend Micro has observed a rise in fake captcha pages hosted on such platforms,” the researchers write.

Attackers Abuse Google's AppSheet to Send Phishing Emails

Hackread reports that attackers are abusing Google’s AppSheet platform to send phishing emails. The campaign was spotted by researchers at Raven, who warn that attackers are sending messages that impersonate AppSheet, informing users of phony trademark violations. Notably, the emails are sent from AppSheet’s legitimate infrastructure, making them more likely to bypass security controls and appear legitimate to human recipients.

Why Your Security Strategy Needs a Human Upgrade

Let’s be brutally honest. For years, our industry has been locked in a civil war. In one camp, the technologists have been building higher walls and smarter traps, arguing that the right AI-powered, next-gen firewall will solve all our problems. In the other camp, the behaviorists have been calling for more training and better awareness, convinced that if we just make people understand the risks, they’ll stop clicking on things.

AI-Assisted Phishing Attacks Are an Increasingly Serious Threat

AI-assisted phishing attacks pose a significant and increasing threat to organizations, according to Matt Weidman, partner and vice president of Commercial Property & Casualty at USIA. In an article for CBIA, Weidman explains that attackers can use AI tools to craft targeted, convincing phishing messages that are almost indistinguishable from the real thing.

Report: AI-Powered Phishing Fuels Ransomware Losses

AI-powered social engineering attacks are significantly more successful than traditional attacks, according to a new report from cyber risk management firm Resilience. The researchers state, “Social engineering attacks fueled 88% of material losses, with AI-powered phishing achieving a 54% success rate compared to just 12% for traditional attempts.” AI allows attackers to easily craft sophisticated phishing emails, as well as voice and video deepfakes.

FBI Issues Guidance for Avoiding Deepfake Scams

The FBI and the American Bankers Association (ABA) have issued a joint advisory warning of the growing threat posed by AI-generated deepfake scams. “Criminals may pose as loved ones, government officials, law enforcement personnel, or even celebrities, often using fear and urgency to convince victims to send money or share sensitive information,” the advisory says.

Phishing Campaign Abuses iCloud Calendar Invites

Attackers are abusing iCloud Calendar invites to send phishing messages that pose as PayPal notifications, BleepingComputer reports. Since the messages are sent from Apple’s infrastructure, they’re more likely to bypass security filters. BleepingComputer explains, “This email is actually an iCloud Calendar invite, where the threat actor included the phishing text within the Notes field and then invited a Microsoft 365 email address that they controlled.

"Yep, I got pwned. Sorry everyone, very embarrassing."

In essence, that is the disclosure and notification message that the open-source developer "qix" sent to the world when he was social engineered to give up access credentials to his GitHub account. Using his account, the attackers inserted malware in a series of popular NPM packages to direct cryptocurrency payments to their own wallets.