According to Decrypt, as the peak travel season approaches, cybercriminals are turning to new technologies to carry out scams and steal data, using tactics such as phishing emails written by AI and maliciously configured phone charging stations to trap travelers.
Contents:
Toggle
Rapid Increase in Phishing Attacks with the Introduction of Generative AI Tools
Smishing Attacks
Juice Jacking Traps
Rapid Increase in Phishing Attacks with the Introduction of Generative AI Tools
According to a recent report by cybersecurity company SlashNext, the number of phishing attacks through email has increased by 856% in the past year. This rapid growth is partly driven by generative AI, a technology that allows scammers to write phishing emails in multiple languages simultaneously, resulting in a 4151% increase in malicious emails since the release of OpenAI’s ChatGPT in 2022.
Patrick Harr, CEO of SlashNext, stated in an interview with Decrypt:
Source: SlashNext
Phishing attacks involve sending messages to unsuspecting victims, enticing them to click on links and connect to malicious websites or applications, tricking users into submitting personal or security information, such as passwords. In January of this year, cybercriminals targeted encrypted platform users’ emails after hacking into email service provider MailerLite, resulting in scams amounting to over $700,000.
A recent report by the International Financial Times highlights the sharp increase in phishing attacks targeting business and leisure travelers. These attacks include posting fake messages on counterfeit websites and offering significant discounts, such as advertising Swiss Alpine accommodation prices at $1,000 per night on other websites, while the scam website offers a discounted price of $200 per night to lure users.
Marnie Wilking, Chief Information Security Officer of Booking.com, stated in an interview that phishing activities began to increase shortly after the introduction of ChatGPT. Scammers can now use generative AI tools to write fraudulent emails in multiple languages with good grammar. Even hotel operators may inadvertently open attachments containing malicious software while trying to resolve customer issues.
Wilking advised travelers and accommodation providers to use two-factor authentication to ensure security and to avoid clicking on anything suspicious, no matter how slight the doubt, and to contact the hotel, property owner, or customer service department.
Smishing Attacks
Harr of SlashNext stated that a newer form of phishing called “smishing” is becoming increasingly popular and dangerous. This type of phishing attack targets mobile users by attaching false links in text messages.
Harr also mentioned that during the COVID-19 pandemic, businesses started using QR codes, and scammers have now begun exploiting these ubiquitous barcodes. He quoted a recent report by Verizon:
Juice Jacking Traps
While phishing attacks remain the most commonly used medium by cybercriminals, the Federal Communications Commission (FCC) recently issued a warning about “juice jacking,” a type of attack that typically targets travelers who charge their devices at airports and hotels.
Juice jacking attackers exploit the technology built into the universal USB standard, which not only transmits power but also data. Maliciously configured USB ports or connectors can steal information or install unwanted software after being plugged into victims’ devices.
The FCC recommends avoiding the use of free charging stations at airports, hotels, or shopping centers to prevent this emerging type of attack. Instead, individuals should use personal chargers plugged into basic power outlets, portable batteries, or use data blockers to ensure USB connections are limited to power transmission.
Source:
FBI Denver
Related Articles:
“North Korean Hackers’ AI Scam: Using ChatGPT to Increase the Complexity of Cyber Attacks”
“2024 Cryptocurrency Scam Techniques Revealed! A Guide to Decoding Cryptocurrency Scams”