TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

The Register

Bot her emails: most modern phishing campaigns are AI-enabled

Brandon Vigliarolo · 5 days ago · Read original ↗

ATT&CK techniques detected

4 predictions
T1566.002Spearphishing Link
91%
“from someone claiming to be from the help desk and demanding you click on a link to reset your password, or read and sign a new policy via docusign, etc. both methods ultimately deliver credentials or remote access to an attacker, giving them what they were after. according to mi…”
T1598Phishing for Information
86%
“last year, suggesting holdouts are increasingly adopting the tech to broaden their reach. that number may be troubling enough, but it ' s how ai is being used that knowbe4 points out is the biggest problem. well - written, highly personalized ai - crafted phishing messages are ba…”
T1566.002Spearphishing Link
53%
“claude to plant ransomware and fake it expertise - crims compromised energy firms ' microsoft accounts, sent 600 phishing emails savvy multi - vector phishing operations still often start with an email, and that ' s one of the big areas where ai is broadening phishing horizons, a…”
T1598Phishing for Information
33%
“claude to plant ransomware and fake it expertise - crims compromised energy firms ' microsoft accounts, sent 600 phishing emails savvy multi - vector phishing operations still often start with an email, and that ' s one of the big areas where ai is broadening phishing horizons, a…”

Summary

KnowBe4 says 86% of phishing it tracked used AI, and inboxes are only the start

Give a man a phishing kit and he might get lucky a couple of times; teach an AI to phish and it'll change the landscape, if KnowBe4's latest phishing trends report is accurate.…