As reported by SiliconAnglethe obfuscation techniques in the context of e-mail phishing they are increasingly common and refined.
In fact, according to research, tactics of this type have been detected in 55,2% of malicious emails analyzed in the period from January to September 2023. Compared to the same period of the previous year, in fact, it was possible to notice an increase in 24,4%.
To make this context even more bleak, however, there is a relationship between Egress Software Technologies. In fact, some studies show that they are often used two or more techniques of obfuscation at the same time to make emails more realistic.
Among the solutions most adopted by cybercriminals we can mention attacks smuggling HTML or the distribution of “dormant” malware. As part of phishing attacks, this site’s techniques have increased by 25% in a year. Overall, attacks using email as a vector improved 29% results when it comes to bypassing considered secure gateway systems.
Smuggling HTML and AI: the evolution of phishing attacks
The aforementioned report, then, reinforces what is a common opinion among professionals. We are talking about greater sophistication of phishing campaigns also thanks to the adoption of tools related toArtificial intelligence.
Jack Chapman, vice president of Threat Intelligence at Egress, expressed himself in this regard, stating that “Without a doubt, chatbots or large language models lower the barrier of entry to cybercrime, allowing you to create well-written phishing campaigns and generate malware that less capable programmers couldn’t produce themselves“.
An evolution that is quite worrying, but which can be counteracted with some practices among users. For example, it may be very useful to carefully evaluate the sender of an email before considering it reliable. Secondly, analyze links used within it and towards which URL they direct is important to avoid cases of phishing.
Be a antivirus can undoubtedly be helpful, it is good to remember how a prudent approach and the stay informed compared to online threats, it is additional precautions that can make the difference.
