A study shows how successful AI-generated cyber attacks already are. The greatest danger lies in the easy scalability of spear phishing attacks - both in terms of quantity and quality.
In addition to a lot of encouragement for the current developments in the field of artificial intelligence (AI), some critical voices have also been raised in recent weeks. Cybersecurity experts, including those at SoSafe, Europe's leading provider of security awareness and training, have long warned of the possibility that generative AI could write better phishing emails than humans can. Initial research* by SoSafe now shows that this warning is justified: phishing emails written with AI are already opened by 78 percent of people and are not recognized at first glance. Of these, 21 percent clicked on malicious content in the AI-composed phishing emails, such as links or attachments. 65 percent were even tempted by the AI-generated emails to disclose personal information in input fields on linked websites.
Phishing: Open and click
Human-generated phishing attacks were clicked slightly more frequently (27%) by people in the study conducted, while open rates for AI and human-generated phishing emails were equally high. Engagement rates were even higher for the AI-generated emails, with only 60 percent of people providing additional data in the human-generated emails.
"It is important to note that our study was conducted using the ChatGPT 3.5 model with common themes and questions," said Dr. Niklas Hellemann, CEO and founder of SoSafe. “Even with these simple and non-personalized AI-generated phishing emails, our data shows that people struggle to spot AI-generated phishing attacks. As the technology advances with more mature models like ChatGPT-4 and personalization at scale, we expect the attacks to become even more dangerous – because the greatest threat lies in their potential to scale.”
Generative AI tools accelerate phishing attacks
Research by SoSafe's social engineering team shows that generative AI tools can help hacker groups compose phishing emails at least 40 percent faster. Cyber criminals can therefore significantly increase their success rates with even simple means. At the same time, the barrier to entry for carrying out large-scale spear phishing attacks, in which the preferences and habits of specific target persons serve as the basis for tailor-made attacks, is also lowered - because the personalization of phishing attacks is also made scalable by AI. AI tools can be fed personal information that helps maintain the quality of spear phishing attacks, even with a high number of targets. Furthermore, generative AI tools also bring creative advantages and help cybercriminals to come up with new ideas. In this way, hacker groups can send far more phishing emails in all languages and in high quality in less time than was previously the case. This makes large-scale phishing attacks much more efficient – and also more effective.
Increased attention
"With the emergence of AI-supported 'Large Language Models' and the resulting massive increase in scaling potential, the cyber threat situation continues to escalate," says Hellemann. “Initial studies have shown that AI can already write better phishing emails than humans. Our data makes the consequences clear - one in five people fall for AI-created phishing attacks. And that's just the beginning: technology will continue to evolve, giving cybercriminals more options. Already the jump from ChatGPT-3 to ChatGPT-4 has taken the scaling of personalization to a new level.
More at SoSafe.com
About SoSafe
SoSafe helps organizations build their security culture and mitigate risk with its GDPR-compliant awareness platform. 2018 by Dr. Founded by Niklas Hellemann, Lukas Schaefer and Felix Schürholz, SoSafe now has more than 3.000 customers worldwide and is one of the leading providers of security awareness and training in Europe. With behavioral psychology elements and smart algorithms, SoSafe enables personalized learning experiences and attack simulations that motivate and train employees to actively protect themselves from online threats. The SoSafe team now consists of more than 370 employees at five locations: Cologne (headquarters), Amsterdam, Berlin, London and Paris.