article thumbnail

LLMs and Phishing

Schneier on Security

Here’s an experiment being run by undergraduate computer science students everywhere: Ask ChatGPT to generate phishing emails, and test whether these are better at persuading victims to respond or click on the link than the usual spam. There will also be a change in the sophistication of these attacks.

Phishing 341
article thumbnail

Synthetic Sabotage: How AI Tools Are Fueling Tailored Phishing Campaigns at Scale

SecureWorld News

The phishing game has evolved into synthetic sabotage a hybrid form of social engineering powered by AI that can personalize, localize, and scale attacks with unnerving precision. The quiet revolution of phishing-as-a-service (PhaaS) If you haven't noticed by now, phishing has gone SaaS. For phishing, this is a gold mine.

Phishing 105
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

Part two of a four-part series The explosion of AI-driven phishing, insider threats, and business logic abuse has forced a shift toward more proactive, AI-enhanced defenses. Legacy IAM systems cant keep up as AI-powered phishing and deepfakes grow more sophisticated. The drivers are intensifying.

article thumbnail

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Security Affairs

Iran-linked APT42 targets Israeli experts with phishing attacks, posing as security professionals to steal email credentials and 2FA codes. Credentials entered on these phishing pages are sent to the attackers, enabling them to intercept both passwords and 2FA codes and gain unauthorized access to the victims’ accounts.”

article thumbnail

Experts found 4 billion user records online, the largest known leak of Chinese personal data from a single source

Security Affairs

Over 4 billion user records were found exposed online in a massive breach, possibly linked to the surveillance of Chinese citizens. ” They suggest the scale and variety of the information point to a centralized system, possibly used for surveillance, profiling, or enriching existing data. ” reads the post.

article thumbnail

Privacy Roundup: Week 3 of Year 2025

Security Boulevard

Inside the Black Box of Predictive Travel Surveillance Wired Covers the use of powerful surveillance technology in predicting who might be a "threat." Phishing and Scams Covers popular phishing schemes affecting end users - smishing, vishing, and any new scam/phish.

article thumbnail

Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks

The Hacker News

The Iran-affiliated threat actor tracked as MuddyWater (aka Mango Sandstorm or TA450) has been linked to a new phishing campaign in March 2024 that aims to deliver a legitimate Remote Monitoring and Management (RMM) solution called Atera.

Phishing 136