Phishing attacks are on the rise again with the help of sophisticated generative-AI tools. However, new defenses and increased wariness among potential victims are blunting phishing’s potential for widespread harm.
For the uninitiated, phishing is a foundational practice for all cybercrime. For the most part, it is a scatter-gun methodology, sending out as many emails, texts, social media posts, and even phone calls as possible to get victims to give up personal information or access sensitive files. There are billions of phishing attacks going on around the world every year. According to FBI reports, the latest report shows losses in 2022 were more than $10 billion. The totals go up every year.
Phishing on the rise
Huntress recently issued a comprehensive report on the state of cybercrime that showed an alarming increase in the number of attacks in 2024 using no less than 285 different forms of attack. Modern attack methodologies go far beyond just sending out massive amounts of emails. They can also include an “urgent” voicemail or text, urging the victim to immediately click on the link of an email; infiltrating reply chains; QR codes instead of links, and signature impersonations.
One new phishing kit is Astaroth, which was revealed in January by SlashNext, a cloud email security provider. Primarily marketing on the Telegram messaging platform, the kit sells for $2000 and includes free trials.
