Evolution of AI Technologies Fueling the Social Engineering Attacks

With the rise of AI technologies, scamming, the illegal act of tricking others in an unethical way to obtain money, steal intellectual property, or gain unauthorized access to assets, has changed a lot.

Scammers, who are also sometimes called crooks or attackers, mostly use direct methods, such as calls, texts, emails, messengers, social media, and websites, to get their victims to do what they want.

This piece talks about how AI technologies have changed over time and how they are used in social engineering attacks, mainly Business Email Compromise (BEC) and spear phishing.

ANYRUN malware sandbox’s 8th Birthday Special Offer: Grab 6 Months of Free Service

Business Email Compromise (BEC)

People often fall for the BEC scam, which uses emails to trick people. Attackers usually go after people who work for businesses or the government, especially top leaders and financial/human resources managers.

According to AhnLab reports, they trick the victims into sending money or secret information by pretending to be someone who works for the victim group.

Attacks by the BEC are carefully planned. Attackers first use LinkedIn or public websites to learn more about the people they want to attack.

They use tricks like spoofing sender address domains or pretending to be trusted groups when they send emails.

Once they have a relationship with the victim, they use social engineering techniques, like putting pressure on the victim, to get them to send money or information.

Cases of BEC attacks
Cases of BEC attacks

 The Effects of AI Technologies

The progress of AI technologies is speeding up the growth of BEC attacks.

An event at a global company in Hong Kong shows this trend.

Attackers used AI deepfake technologies to send an email pretending to be the CFO of a business.

A finance worker believed it and sent $25 million.

Even though there were accusations of fraud and another video conference, the deepfake technology convinced employees, including the CFO, and trick the workers into sending the money.

AI is getting better, so BEC attacks will get smarter and sneakier.

Technologies like deepfake will make pretending to be someone else easier, making BEC attacks more likely to succeed.

Companies must be extra careful and prepare to deal with the BEC danger effectively.

Spear phishing: targeted attacks that spread malware and steal information

Attackers create complicated situations to get people to open harmful files or enter personal information in spear phishing emails.

The examples below show Spear Phishing: Tailored Attack

Case 1: Pretending to be an employee of the company

In the first case, the attacker pretended to be a worker inside the company.

The email sent to someone at AhnLab looked like it came from someone in the same company.

It let the receiver know that a voice message was waiting for them.

The message had an attachment that led to a phishing page that looked like an AhnLab service.

Because the email recipient’s name and email address were already filled in on the fake page, it looked real.

If the person tried to join in, the attacker would get the account information they entered.

Spear phishing case 1: Impersonating an internal employee
Spear phishing case 1: Impersonating an internal employee

Case 2: Using an email thread to build trust

In the second case, the attacker used an email line to make it look like several messages preceded this one.

The email’s subject line began with “RE:” making it look like it was part of a continuing discussion.

The email looked like a businessperson wrote it; it had a sender’s signature, and several receivers and CCs were named.

The email’s body told the recipient they needed to look at the attached file before they could move on to the next job.

People were urged to do something by getting emails with subject lines like “Reminder” and “Third Reminder.”

Spear phishing case 2: Using an email thread to build trust
Spear phishing case 2: Using an email thread to build trust

Case 3: Getting Information Through a Link

In this case, the attacker went after an employee who often sent emails to people outside the company.

The attacker told the victim they were interested in the company’s business and asked them to click on a link that would take them to a harmful phishing page.

The information was stolen and sent to the attacker when the receiver entered their sign-in information.

Spear phishing case 3: An attempt to exfiltrate information by inducing the viewer to click a link

Case 4: Making use of social connections

In the fourth case, the attacker knew ahead of time about the target’s social connections and pretended to be a known friend.

The attacker made a small change to the writing of the sender’s email address so that it looked like the real address.

Using social engineering, the sender got the target to open the malicious attachment without realizing it.

Spear hacking case 4: getting to know the target through social networks
Spear hacking case 4: getting to know the target through social networks

Spear phishing attacks can be so specific that even security professionals can be tricked.

Another report from Google’s Threat Analysis Group (TAG) says that hackers who are thought to be working with North Korea are using advanced social engineering tricks to target security experts.

They find out what security experts are interested in and what they are researching, then send them customized phishing emails and attack by sending documents with malware that look like analysis reports or emails with malicious links.

In 2023, security experts were tricked by fake job ads sent through LinkedIn.

Attackers pretended to be recruiters, carried on the chat through WhatsApp, and sent files with malware.

Attackers use clever and advanced techniques, such as AI technologies and carefully planned situations.

It is very important to check the sender’s request and carefully read the email’s content, even if it seems like an urgent request or email from someone you trust.

As AI technologies change, scammers’ tricks will also change, so people need to be more careful and take stronger security steps.

Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers

Divya is a Senior Journalist at Cyber Security news covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.