Business
Focused
Technology

IT360
IT360

Quick Links

gear service ticket iconStart a service ticket

Hyper-Personalized Phishing Attacks on the Rise

Phishing attacks are flooding in like never before and becoming more sophisticated. In 2023, there was a 47.2% increase in phishing attacks compared to the previous years. The attacks are also spreading beyond emails to text messages, phone calls, and other forms of personal communication.

AI TOOLS

The rise in attacks is attributed to the use of AI tools, which make it easier to craft tailored messages that can deceive even the most security-conscious individuals. This underlies the importance of continuance education and robust security systems to protect sensitive information.

Email is the number 1 delivery method of nearly all malware. Phishing isn’t just about stealing credentials; it also grants threat actors access to sensitive data, which can be exploited. A report by Verizon indicated that 41% of Business Email Compromise (BEC) attacks involve obtaining credentials from phishing.

Phishing actors may use generative AI to create emails that look genuine and polished, so grammar is no longer a red flag. It’s important to look at other aspects such as the length of the email, its intricacy, and so on. Often, the first sign of an email scam is a suspicious sender address. Attackers may use email addresses that look similar to legitimate companies, but with slight variations, punctuation or spelling.  If you’re doubtful, call the sender! This will help establish the legitimacy of the email.

DEEPFAKES

Deepfakes, which are hyper-realistic fake videos or audio recordings, are also now being used in phishing attacks to impersonate trusted individuals or officials. This can create convincing messages that seem to come from legitimate sources. Consider using a ‘password’ or ‘safe word’, preferably among close friends and family, to avoid phone scams backed by deepfake technology.

HOW TO PROTECT YOURSELF

You can protect yourself against phishing attacks with proper tools and safeguards. Install security software and keep it updated. Schedule regular backups and enforce password policies. Multi-factor authentication can also be used for some accounts.

Remind employees to avoid emails from unknown senders. If an email looks suspicious, forward it to your IT department or call the sender directly to confirm if it came from them. Do not provide personal information or click on suspicious links. Pay close attention to email content such as spelling and grammar.

At IT360, we take the necessary measures to protect our clients’ and their networks and are here to help with your IT security needs.   

President, Transportation Company

Your technical support team has always been able to handle our needs quickly, efficiently, and patiently. We appreciate your timeliness and the hours you have saved us. It is great to know that we have people at IT360 capable to provide solutions to our problems.

President, Transportation Company

Recent
Technology News

IT 360 News
Threats and Infrastructure

From Arctic Wolf SUMMARY On February 7, 2024, CISA issued an advisory detailing their discoveries concerning state-sponsored cyber actors linked to the People’s Republic of China (PRC). Notably, the PRC-affiliated threat actor, Volt Typhoon, is actively engaged in efforts to infiltrate IT networks, with the potential aim of launching cyberattacks on vital U.S. infrastructure in […]

Read more
IT 360 News
Multi-Factor Authentication

By Cybersecurity & Infrastructure Security Agency OVERVIEW Multi-factor authentication (MFA) is a layered approach to securing physical and logical access where a system requires a user to present a combination of two or more different authenticators to verify a user’s identity for login. MFA increases security because even if one authenticator becomes compromised, unauthorized users […]

Read more