Generative artificial intelligence (GenAI) tools like ChatGPT have extensive business value. They can write content, clean up context, mimic writing styles and tone, and more.
But what if bad actors abuse these capabilities to create highly convincing, targeted and automated phishing messages at scale? No need to wonder as it’s already happening. Not long after the launch of ChatGPT, business email compromise (BEC) attacks, which are language-based, increased across the globe.
Read more…
Source: Proofpoint
Related:
- Zscaler says it suffered data breach following Salesloft Drift compromise
September 3, 2025
We can now add Zscaler to the growing list of Salesloft customers who suffered a third-party cyberattack and lost sensitive customer information after it confirmed data was taken. In the announcement, Zscaler explained it was a customer of Salesloft, whose AI chat platform, Salesloft Drift, was compromised. Since this platform connects with Salesforce, the miscreants managed ...
- Model Namespace Reuse: An AI Supply-Chain Attack Exploiting Model Name Trust
September 3, 2025
Palo Alto Unit 42 research uncovered a fundamental flaw in the AI supply chain that allows attackers to gain Remote Code Execution (RCE) and additional capabilities on major platforms like Microsoft’s Azure AI Foundry, Google’s Vertex AI and thousands of open-source projects. We refer to this issue as Model Namespace Reuse. Hugging Face is a platform ...
- Hackers are now hiding malware in the images served up by LLMs
August 31, 2025
As AI tools become more integrated into daily work, the security risks attached to them are also evolving in new directions. Researchers at Trail of Bits have demonstrated a method where malicious prompts are hidden inside images and then revealed during processing by large language models. The technique takes advantage of how AI platforms downscale images ...
- The first AI-powered proof of concept ransomware has been spotted
August 27, 2025
Security researchers from ESET have identified the first known AI-powered ransomware, which serves as a warning for security teams as generative AI has, and will, continue to make cyberattacks much more accessible for criminals. Peter Strycek and Anton Cherepanov discovered the proof of concept, which they dubbed ‘PromptLock’, which, ‘leverages Lua scripts generated from hard-coded prompts ...
- New trends in phishing and scams: How AI and social media are changing the game
August 13, 2025
Phishing and scams are dynamic types of online fraud that primarily target individuals, with cybercriminals constantly adapting their tactics to deceive people. Scammers invent new methods and improve old ones, adjusting them to fit current news, trends, and major world events: anything to lure in their next victim. Since our last publication on phishing tactics, there ...
- How NATO Is Building Resilience Against Disruptive Cyber Technologies
August 12, 2025
The mission of NATO (North Atlantic Treaty Organization) is to safeguard the freedom and security of its member countries through political and military means. “We look out for our members by combining smart diplomacy with strong defense, and that includes risk management and cyber resilience,” said Konrad Wrona, Security Expert, NATO Communications and Information (NCI) Agency. ...