Please note: Be cautious of hyper-personalized fake emails backed up by AI.

Fishing attacks will become more reliable. According to a new report, fraudsters are planning to send hyper-personalized emails targeting login credentials by using artificial intelligence to obtain your information from online profiles in the future.

By knowing everything from your profession to your hobbies, fraudsters may have more opportunities to send fake emails.

Fishing has always existed. Fraudsters claim to come from popular companies such as banks, email providers, cryptocurrency providers, Amazon, and Apple, sending out large numbers of emails.

Fake content is usually created with the purpose of creating urgency. For example, a bank warning about fraudulent transactions, an Amazon requesting payment for expensive items you haven't ordered, or an Apple notification that your iCloud account may be canceled.

Scammers hope to induce panic in victims by making them lose time thinking whether something is real while forgetting to use the login information they clicked on.

While many of these are quite generic, financial news reports suggest that this situation is changing. Scammers are starting to use AI to scrape public profiles and create emails that appear to know a lot about you. This could make more people believe they are real.

The major companies such as insurance company Beazley and e-commerce group eBay have warned of an increase in adventurous emails obtained through online profiles, likely due to AI analysis.

“This is getting worse, and it's very personal. That's why I suspect that AI is behind much of this,” said Kirsty Kelly, the information security director at Beazley. “We are accustomed to attacks with specific targets, scraping large amounts of information about a single person.”

Highly personalized scam emails also have a higher chance of passing through filters created by email providers such as businesses and Apple, Google.

Currently, the main target appears to be employees of companies. AI bots are copying formats from specific company websites or other public content for use in scams. However, it's possible that this technique will also be used on consumers. For example, scraping your social media profile.

The main protection against fake news attacks is not clicking on links sent via email. Always use your bookmarks or enter known URLs.

Photo by Tyler Franta on UNSPLASH