The underground cybercrime market has been offering AI tools that can write convincing phishing emails, create deepfakes, and identify software vulnerabilities, lowering the skill barrier for less-skilled actors to launch more sophisticated attacks.
high
trend
Describes a trend in criminal marketplaces where AI capabilities are packaged to extend attackers' capabilities.
Phishing is an online fraud technique that uses fake websites to trick people into entering sensitive information, and "smishing" refers to phishing attacks conducted via SMS (text messages).
high
definition
Terminology describing types of online fraud targeting user credentials or payment data.
Exposure of basic contact information such as names, email addresses, phone numbers, and physical addresses in a data breach can be used by criminals to carry out scams and phishing attacks.
high
general
Contact data is valuable to attackers for targeted fraud even when financial or government ID data are not exposed.
Users should delete unsolicited messages that request personal information or urge clicking links, and verify account alerts directly through official apps or websites instead of following links in the message.
high
general
This is a recommended practice to reduce risk from phishing and lookalike scam messages following breaches.