As artificial intelligence gets smarter, cybercriminals are discovering all-new ways to hack and scam their victims.
Can you believe your eyes?
According to the Cybersecurity and Infrastructure Security Agency (CISA) in Australia, scammers are taking advantage of the growing popularity of video conferencing technology to commit fraud. AI allows them to generate extremely realistic deepfakes to create convincing video calls that can deceive even the most cautious individuals.
One example cited by CISA is a “vishing” scam where an employee was invited to a video conference call that seemed to originate from within his company. What he did not realize was that all other participants in the call were AI-generated deepfakes designed to look exactly like his colleagues. Assuming he was in a real call with his real colleagues, the employee was convinced to transfer millions of dollars from the company accounts.
This type of scam is particularly insidious – and effective – because it uses advanced technology to create a convincing and realistic experience. The scammers can use AI to quickly create content for phishing emails or for more sophisticated operations like deepfake videos or audio clips. And because everything appears legitimate, victims are much more likely to fall for the scam.
Hijacking QR codes
Another form of scam, “quishing” – or QR code phishing – operates in a similar way to well-known email scams with malicious links. The difference is that the malicious link is embedded in the QR code itself. When the victim scans the code, they are redirected to a fake login page or a website that steals their personal information. Because the victim cannot easily see the embedded website address, it is even harder to spot the usual tell-tale signs of a potential scam.
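As an added example (not from the original article or from CISA), here is a sketch of checks that can be run on the string decoded from a QR code before it is opened, so the tell-tale signs hidden by the code become visible. The trusted-domain list, the shortener list, the warning labels and all sample URLs are constructed assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed, illustrative lists (assumptions, not from the article).
TRUSTED = {"example.com"}
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def triage_qr_payload(payload, trusted=TRUSTED):
    """Return warnings for a string decoded from a QR code (empty list = no flags)."""
    parts = urlsplit(payload.strip())
    host = (parts.hostname or "").lower().rstrip(".")
    if parts.scheme not in ("http", "https") or not host:
        return ["not a web link"]
    warnings = []
    if parts.scheme != "https":
        warnings.append("no TLS")
    if parts.username is not None:            # https://trusted.name@real-host/
        warnings.append("userinfo before host")
    if is_ip(host):
        warnings.append("raw IP address")
    if any(label.startswith("xn--") for label in host.split(".")):
        warnings.append("punycode label")      # possible look-alike characters
    if host in SHORTENERS:
        warnings.append("shortener hides destination")
    if not any(host == d or host.endswith("." + d) for d in trusted):
        warnings.append("untrusted domain")
        if any(d in host for d in trusted):    # trusted name used as a prefix
            warnings.append("trusted name used as decoy")
    return warnings

if __name__ == "__main__":
    # Constructed sample payloads using reserved documentation names/addresses.
    for sample in (
        "https://login.example.com/sso",
        "http://example.com.account-verify.test/login",
        "https://example.com@203.0.113.5/login",
        "https://bit.ly/abc123",
    ):
        print(sample, "->", triage_qr_payload(sample) or "no flags")
```

An empty result only means none of these heuristics fired; it does not prove the destination is safe.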
Increasingly common in Australia – and beyond
CISA warned that these types of scams are becoming increasingly common in Australia and can have devastating consequences for individuals and businesses. The agency’s director general, Abigail Bradshaw, said that cybersecurity is everyone’s responsibility and that all technology users need to stay aware of emerging risks.
However, Bradshaw’s warning applies to every company and individual worldwide. These scams are not restricted to Australia, so anyone, anywhere could be targeted by vishing or quishing.
Everyone is a target
The CISA report highlights the growing threat of state-sponsored cyber actors. Going beyond individual victims, cybercriminals are targeting critical infrastructure, with systems being compromised by intruders, malware infections, and denial-of-service attacks, all of which could have massive consequences for nation states. The agency also warned about a trend in “living off the land” strategies, where criminals break through the defenses surrounding a private system, blend in with its normal activities, and use its own administration tools to achieve their goals. This process may take months – but it may also yield significant returns for the hackers.
CISA is calling on individuals and businesses to take proactive steps to protect themselves from scams and cyber threats – including quishing and vishing. It emphasized the importance of staying informed about emerging risks and taking steps to strengthen cybersecurity measures, such as using advanced antimalware tools.
As always, Panda Security recommends that you stay alert – and download a free trial of Panda Dome to protect your devices against common attacks.