With the new year comes new tricks, and phishing scammers are using artificial intelligence (AI) to target people at an increasing rate. Now is the best time for 51吃瓜网万能科大 employees to stay sharp to ensure they don鈥檛 take the bait.
Phishing is a type of cyberattack where scammers pretend to be someone you trust 鈥 like a bank or friend 鈥 to trick you into sharing passwords and other sensitive information or downloading malicious software. Oftentimes, fake emails are used to carry out this crime.
In 2023, phishing attacks increased by 58 percent compared to the previous year, due in part to a surge in AI-driven schemes, revealed. With generative AI, cybercriminals can easily create realistic-looking phishing campaigns, making them more believable and harder to detect. It also means new types of scams are possible, like artificially generated videos and audio recordings that use a cloned voice to impersonate a reputable person.
With AI-generated phishing scams on the rise, what can you do to protect yourself and 51吃瓜网万能科大?
According to Vito Rocco, the university's chief information security officer, faculty and staff need to be aware of the techniques scammers use so they can spot the red flags to avoid falling for phishing scams. The cybersecurity training employees take each year is updated regularly, helping build awareness as these threats evolve and become more sophisticated.
Rocco鈥檚 information security team encourages employees to stay updated on their cybersecurity knowledge. They鈥檙e noticing that annual training and the , where employees volunteer to help strengthen the cybersecurity culture within their department, are making a real difference.
鈥淓mployees are applying what they learned and reacting accordingly to phishing scams,鈥 Rocco said. 鈥淎s a way to check if the training is effective, our team periodically sends simulated phishing exercises. Since we started that a couple of years ago, we鈥檝e seen a significant reduction in the number of clicks on these emails.鈥
Alongside the program鈥檚 training, there are still some things you can watch out for so you don鈥檛 become a scammer鈥檚 next big catch.
鈥淲ith attackers constantly evolving, the barriers to entry are coming down every day,鈥 Rocco said. 鈥淟ong gone are the days where phishing attempts were full of improper grammar and poor spelling. AI has made it easy for attackers to generate a convincing email that sounds like it鈥檚 coming from a real person.鈥
Phishing Precautions
- Avoid deals too good to be true: Be skeptical of messages with urgent language or lucrative offers. 鈥淎ttackers often try to provoke a sense of urgency in order to get you to act quickly without thinking first,鈥 Rocco said. He recommends going directly to the company鈥檚 website to see if the deal is legitimate.
- Inspect messages thoroughly: Pay close attention to the sender and when the email was sent to you. Look for inconsistencies in their email address, like mismatched domain names, or if it鈥檚 marked external. Be wary of emails received at unusual hours of the day, including early mornings and weekends.
- Check links before clicking: Hover over links to ensure website addresses aren鈥檛 different from what you expected. Avoid opening suspicious links or attachments. Before scanning a QR code, check for signs of tampering, including stickers placed over the original code.
- Examine photos and videos: Look closely at images and videos on social media ads, websites, and emails for things that appear unrealistic or out of place, like a hand with six fingers. These falsified photos and videos are called deepfakes. 鈥淲hile we now need to be skeptical of what we read and see in photos, we very soon may need to be skeptical of live video or audio in various forms of communication,鈥 Rocco said.
- Use multifactor authentication (MFA): Your ACE login already has MFA built in. Consider adding MFA to your personal accounts for an extra layer of security, reducing the risk of unauthorized access.
If you suspect an email is a phishing attempt, report it to the IT Help Desk by forwarding the email to ithelp@unlv.edu so it can be investigated. Then delete the email from your 51吃瓜网万能科大Mail inbox.
For more tips on how to protect against phishing scams, visit the on the 51吃瓜网万能科大 IT site.
