Phishing in 2023 - Our Predictions
Phishing attacks are one of the biggest threats in the digital world and a steady increase has been observed for years. It is likely that this will continue in 2023. Here are some predictions of what we expect to see in 2023 in the context of phishing attacks.
Increase in Ransomware Incidents
Phishing attacks are usually the first step in deploying ransomware into corporate infrastructures. The insidious malware spreads in the internal network and then encrypts critical business data. The data taken “hostage” in this way can only be decrypted after a ransom has been paid. We expect the attackers to further specialise in particularly vulnerable and/or worthwhile targets. According to current findings, low-level criminals are more likely to actively select and infect targets, whereas the ransomware they use is provided by sophisticated criminal groups. These groups also operate the necessary infrastructure for processing the ransom payments and constantly develop the actual ransomware. These “offers” are also referred to as “Ransomware-as-a-Service”.
Backups protect against ransomware damage
Our blog post “A Ransomware Secure Backup Strategy” introduces an important protective measure against this type of attack.
Deepfake Videos and AI-Generated Phishing
Deepfakes are photos and videos that depict computer-generated scenes or situations very realistically and that are generated from certain inputs, such as text or real image material. Different manifestations have been observed so far: videos have been used to show popular people such as celebrities advertising a product or service. The popularity of the person shown creates unjustified trust, and the victims are lured into following a link, installing an app or software, or making a purchase. Other approaches fall under the so-called grandparent scam. In this case, fraudsters play audio or video content of a relative who is supposedly in distress to good-faith victims in order to obtain cash or valuables. Deepfakes, which can be generated from media available on social media, are used to convince relatives of the authenticity and urgency. Supposed urgency and hasty action are aspects that we have already presented with “CEO Fraud”. As with this type of phishing attack, the same applies to the grandparent scam:
First, take it easy
Don’t let yourself be pressured and take time to question the situation and, if necessary, inform other relatives or trusted persons before handing over money or valuables.
Increasing use of phishing kits and text AI like ChatGPT
With so-called phishing kits, it is becoming easier to create phishing pages without the fraudsters having to deal with the actual technology in detail. The entry barrier for criminals is lowered accordingly. Professionally created phishing pages can be particularly effective. In contrast to the classic first attempts of a criminal newcomer, these pages often lack the usual telltale features, such as incorrect spelling and grammar or a simple and unappealing design. They are therefore harder to expose and ultimately more successful. With the open availability of strong artificial intelligence tools such as ChatGPT, it is not only legitimate users who can quickly write passable texts and articles. Fraudsters also know how to take advantage of this and have corresponding phishing mails and websites generated.
- Plausible: Are the sender’s name and address spelled correctly? Are there any differences to the sender addresses used in other emails? Is the content logical and correct?
- Consistent: Before following a link, look at the address behind the link. Is there anything conspicuous? Has the name been misspelled or is the ending different, e.g. .com is used instead of .de?
- Manually: If in doubt, do not follow links in the email, but visit the website on your own by entering the URL in your browser.
- Details: If you still end up on the suspicious website, you can check if there is anything conspicuous. Maybe the background colour is different or the font used is inconsistent.
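The “Consistent” check above can be partly automated by a mail filter or a reporting tool. The following Python code is an added example, not code from the original post: it extracts the links from an HTML mail body and flags a target whose domain has a different ending or a near-miss spelling of a trusted domain, or whose visible address names another domain. The domain example-bank.de, the sample mail, the 0.85 similarity threshold and all function names are assumptions made for illustration.

```python
from difflib import SequenceMatcher
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = {"example-bank.de"}  # assumption: domains the recipient really uses
SAMPLE_MAIL = (  # constructed mail body: one genuine link, two lookalikes
    '<a href="https://example-bank.de/login">Online banking</a>'
    '<a href="https://example-bank.com/login">https://example-bank.de/login</a>'
    '<a href="http://examp1e-bank.de/verify">Verify account</a>')

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML mail body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def registrable(host):  # last two labels only: a simplification, no public suffix list
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def check_link(href, text, trusted=TRUSTED):
    host = urlsplit(href).hostname or ""
    domain, findings = registrable(host), []
    if host and text and not any(c.isspace() for c in text):
        shown = urlsplit(text if "://" in text else "//" + text).hostname or ""
        if "." in shown and registrable(shown) != domain:
            findings.append("text-mismatch")  # visible address names another domain
    if domain not in trusted:
        name, _, tld = domain.rpartition(".")
        for good in sorted(trusted):
            good_name, _, good_tld = good.rpartition(".")
            if name == good_name and tld != good_tld:
                findings.append("different-ending")  # e.g. .com instead of .de
            elif name != good_name and SequenceMatcher(None, name, good_name).ratio() >= 0.85:
                findings.append("misspelled-name")  # e.g. 1 in place of l
    return findings

def scan(html):
    collector = LinkCollector()
    collector.feed(html)
    return {h: f for h, t in collector.links if (f := check_link(h, t))}
```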