In 2024, artificial intelligence (AI) drove a 140% year-over-year increase in browser-based phishing intrusions. The technology was also behind the 130% year-over-year spike in zero-hour phishing attack prevalence, SiliconAngle reports.
While most of the browser-based phishing attempts involved the spoofing of Microsoft, Facebook, and Netflix, generative AI service impersonation has been on the rise — with almost 600 incidents involving the use of fake generative AI platform sites, according to a study from Menlo Security.
Additional findings revealed a spike in phishing sites since 2020, a surge in subdomain provider-hosted phishing incidents, and the mounting usage of ads in widely known websites to facilitate malware compromise.
Black Duck Software's Thomas Richards noted that threat actors were quickly acclimating to new technologies.
"Every new advancement in technology is a double-edged sword; powering automation and increase in hosted services helps businesses and malicious actors alike. [Software-as-a-service] providers should begin implementing malicious detection to lock and remove accounts that are suspicious and hosting malicious or impersonating content," said Richards.
