Attention : Soyez vigilant contre les attaques de spam personnalisées à grande échelle, alimentées par l'intelligence artificielle.

The phishing attacks will soon be much more convincing. A new report warns that scammers are now using AI to refine information about you on your online profiles in order to send highly personalized emails targeting your login credentials.

Learning everything, from your employer to your interests, scammers can send emails that have a greater chance of appearing authentic...

Phishing has been a practice for a long time. A scammer sends mass emails claiming to be banks, email providers, digital currency providers, and popular companies like Amazon and Apple.

The fake content is generally designed to create a sense of urgency. For example, your bank warning you of fraudulent transactions, Amazon sending you an invoice for an expensive product you didn't order, or Apple informing you that your iCloud account will be canceled.

We hope victims will panic and click on the link and use their login credentials before they have time to reflect on what is real or not.

Most of these attacks are very generic, but a report from the Financial Times warns that this is changing now. Scammers start using AI to scrape public profiles in order to generate emails that seem to know a lot about you, and are therefore more likely to deceive more people by making them believe they are authentic.

Prestigious companies such as the British insurer Beazley and the e-commerce group eBay have warned of an increase in fraudulent emails containing personal details, probably obtained through AI analysis of online profiles.

This is becoming increasingly serious and it is becoming very personal, and that's why we suspect that AI is behind much of what is happening," said Kirsty Kelly, Beazley's Information Security Director. "We are starting to see highly targeted attacks that have refined an enormous amount of information about a person.

Highly personalized phishing emails are also much more likely to pass through the filters created by businesses and email providers like Apple and Google.

To date, the main targets seem to be employees of companies, with AI robots even imitating the writing style of certain companies from their websites and other public content to reinforce their scams. But it is likely that these same techniques are also used against consumers, by doing things like scraping your social profiles.

The main measure of protection against spoofing attacks is to use Toneverclick on the links received via email. Always use your own favorites or type a known URL.

Photo by Tyler Franta on Unsplas