Future of Work News Free eNews Subscription

New Study Reveals the Role Large Language Models Play in Phishing Attacks

By

While phishing (in several forms) has taken place for decades, this type of fraud tends to evolve with technology. One of the most prominent phishing scams today involves “vishing,” in which supposed links to voicemail messages con victims into revealing their credentials for secure email gateways, software or web sites.   

According to a new report by cybersecurity company Egress, missed voice messages accounted for 18% of phishing attacks today, making them the most phished topic of the year so far. The report’s findings demonstrate the evolving attack methodologies used by cybercriminals that are designed to get through traditional perimeter security including secure email gateways. The study, entitled, “Phishing Threat Trends Report,” delves into key phishing trends, including the most phished topic, explores prevalent obfuscation techniques being used to bypass perimeter defenses, and examines whether chatbots have really revolutionized cyberattacks.

All phishing threat data and examples contained within the report were taken from Egress Defend, an Integrated Cloud Email Security solution that uses intelligent technology to detect and defend against the most sophisticated phishing attacks.

The report also highlights the role that large language models (LLMs) have played in enabling certain types of phishing attacks.

“Without a doubt, chatbots or large language models (LLMs) lower the barrier for entry to cybercrime, making it possible to create well-written phishing campaigns and generate malware that less capable coders could not produce alone,” said Jack Chapman, VP of Threat Intelligence for Egress.

One of the most concerning (but least-talked-about) applications of LLMs is reconnaissance for highly targeted attacks, according to Egress. Within seconds, a chatbot can scrape the internet for open-source information about a chosen target that can be leveraged as a pretext for social engineering campaigns, which are growing increasingly common.

“I’m often asked if LLM really changes the game, but ultimately it comes down to the defense you have in place,” noted Chapman. “If you’re relying on traditional perimeter detection that uses signature-based and reputation-based detection, then you urgently need to evaluate integrated cloud email security solutions that don’t rely on definition libraries and domain checks to determine whether an email is legitimate or not.”




Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Future of Work Contributor

SHARE THIS ARTICLE

Related Articles

Future of Work Expo 2025: UCaaS Drives the Future of Work

By: Greg Tavarez    2/12/2025

At Future of Work Expo 2025, part of the #TECHSUPERSHOW, a panel session, "Why UCaaS Is the Future of Work," explained why UCaaS is so central for the…

READ MORE

Is the Future of Work Powered by AI? Find Out at Future of Work Expo 2025

By: Alex Passett    2/11/2025

Future of Work Expo 2025 began today at the Broward County Convention Center in Fort Lauderdale, Florida. This story shares some details from the Futu…

READ MORE

Cybersecurity and Privacy Discussed at Future of Work Expo 2025

By: Greg Tavarez    2/11/2025

The flow of sensitive information, both within and outside organizations, is becoming harder to control.

READ MORE

Unified Office Announces Significant Expansion of its TCNIQ AI Analytics Suite of Products at Future of Work Expo 2025

By: TMCnet News    2/11/2025

Leading communications technology company Unified Office announced today the official expansion of its TCNIQTM AI-based business analytics suite of pr…

READ MORE

Small Meeting Rooms Revamped Thanks to Future of Work Expo and Future of CX Expo Platinum Sponsor Jabra

By: Greg Tavarez    2/7/2025

The PanaCast 40 VBS is designed to enhance small meeting spaces with cutting-edge technology and user-friendly features.

READ MORE