Future of Work News Free eNews Subscription

New Study Reveals the Role Large Language Models Play in Phishing Attacks

By

While phishing (in several forms) has taken place for decades, this type of fraud tends to evolve with technology. One of the most prominent phishing scams today involves “vishing,” in which supposed links to voicemail messages con victims into revealing their credentials for secure email gateways, software or web sites.   

According to a new report by cybersecurity company Egress, missed voice messages accounted for 18% of phishing attacks today, making them the most phished topic of the year so far. The report’s findings demonstrate the evolving attack methodologies used by cybercriminals that are designed to get through traditional perimeter security including secure email gateways. The study, entitled, “Phishing Threat Trends Report,” delves into key phishing trends, including the most phished topic, explores prevalent obfuscation techniques being used to bypass perimeter defenses, and examines whether chatbots have really revolutionized cyberattacks.

All phishing threat data and examples contained within the report were taken from Egress Defend, an Integrated Cloud Email Security solution that uses intelligent technology to detect and defend against the most sophisticated phishing attacks.

The report also highlights the role that large language models (LLMs) have played in enabling certain types of phishing attacks.

“Without a doubt, chatbots or large language models (LLMs) lower the barrier for entry to cybercrime, making it possible to create well-written phishing campaigns and generate malware that less capable coders could not produce alone,” said Jack Chapman, VP of Threat Intelligence for Egress.

One of the most concerning (but least-talked-about) applications of LLMs is reconnaissance for highly targeted attacks, according to Egress. Within seconds, a chatbot can scrape the internet for open-source information about a chosen target that can be leveraged as a pretext for social engineering campaigns, which are growing increasingly common.

“I’m often asked if LLM really changes the game, but ultimately it comes down to the defense you have in place,” noted Chapman. “If you’re relying on traditional perimeter detection that uses signature-based and reputation-based detection, then you urgently need to evaluate integrated cloud email security solutions that don’t rely on definition libraries and domain checks to determine whether an email is legitimate or not.”




Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Future of Work Contributor

SHARE THIS ARTICLE

Related Articles

VividQ's Holographic Vision Takes a Step Closer to Reality with $7.5M Funding

By: Greg Tavarez    9/5/2024

VividQ announced the completion of an additional $7.5 million in Series A funding, bringing the company's total funding to over $30 million to date.

READ MORE

BlandAI Announces $16 Million in Series A Financing

By: Tracey E. Schelmetic    9/5/2024

AI agent automation solutions provider Bland AI announced that it has officially emerged from stealth with a $16 million Series A financing round, led…

READ MORE

New Integration Opens the Door to Smartly Managed Meeting Rooms, Courtesy of Envoy and Logitech

By: Alex Passett    9/4/2024

Envoy has teamed up with Logitech to integrate Envoy Rooms and Logitech Tap Schedule. This integration offers a new unified workplace solution for opt…

READ MORE

Zoom Shatters Webinar Limits: 1 Million Attendees Now Possible

By: Greg Tavarez    9/4/2024

Zoom recently announced the launch of its new single-use webinar offering, capable of hosting up to 1 million total attendees.

READ MORE

OnviSource and IPFone Partner to Transform Business Communication with AI-Driven Insights

By: Stefania Viscusi    9/3/2024

IPFone's unified communications platform has been integrated with OnviSource's OmVista, an AI-powered suite

READ MORE