In the first half of 2022, businesses around the globe endured 2.8 billion malware incidents and 235 million ransomware threats, with six million phishing attacks predicted by the year’s end. The most vulnerable point of entry — and a favorite phishing hole where hacks most often succeed — is the digital super-highway of inbound and outbound email.
Advances in artificial intelligence (AI) and machine learning (ML) have enabled hackers to develop far more efficient and less detectable phishing attacks. These seemingly authentic emails appear to come from a safe origin, are increasingly sophisticated and scam higher numbers of unsuspecting victims all the time.
Additionally, a multitude of employees, subcontractors and students now connect to professional networks from remote personal locations, which blurs the digital line between business and personal connectivity. As business advisor Bernard Marr recently stated in Forbes, "Threats are just as likely to emerge due to improperly secured networks leaving sensitive data accidentally exposed, or unwary or indiscreet employees using non-secured devices while working from home." This applies quite often to email, which is still one of the most frequently used applications during the average person's work and personal day. According to a recent report published by Safety Detectives, email is responsible for 92% of malware security incidents and 90% of all cyberattacks. Similarly, they estimate that 38% of malware currently arrives disguised as a Microsoft Word file.
These threats make it essential to establish protection for both business and home workplace activities. This extends to family behavior as well, since home workers often share their networks with other family members. Software with AI and ML defenses will better protect overall enterprise assets from these cyber threat escalations, which target email data and feed on human fallibility. Here are some of the latest threats we’ve been hearing about in the ever-evolving market, which are expected to gain greater momentum:
Geophishing: AI and ML have allowed malicious parties to evolve phishing capabilities, empowering them to accurately pinpoint the location of a targeted user. Hackers have taken to integrating realistic details that match a user's hometown or the location of their bank, healthcare provider or other business partner. These emails are often nearly indistinguishable from an authentic message. Email security software must therefore incorporate AI to combat these tactics in kind. Sophisticated solutions fight back by scanning email content, links and attachments with tools such as optical character recognition to calculate authenticity with a high rate of success. AI- and ML-powered methods are far more effective than traditional secure email gateway (SEG) solutions, which rely on blacklisting IP addresses already established as malicious rather than interpreting text to determine the ill intentions of the message. Blacklisting does little to discern an imposter email.
Smishing & vishing: AI and ML schemes troll mobile devices via text/SMS, voice messages and social media, conducting brand-imposter attacks disguised as courtesy alerts or helpful information. Most of these drive victims to a fake website via links or attachments. These scams incorporate overdue payment alerts, banking overdraft warnings, packages needing e-signatures, fraudulent vaccine updates and purchase cart reminders. Spoof voicemails often impersonate government offices such as the Social Security Administration or the Internal Revenue Service. Once victims are driven to an online destination, the fraudulent link infects their data system and commandeers the user’s information. Business- and home-based email systems are frequently infiltrated in this manner.
Remote desktop protocol (RDP) exploitation: More than ever, hackers are targeting remote connections made over RDP to a business or educational network, just as a student, consultant or contractor would connect to a third-party network. According to the FBI's 2021 Internet Crime Report, phishing emails, RDP exploitation and exploitation of software vulnerabilities ranked as the top three infection vectors reported for ransomware attacks.
The Internet of Medical Things (IoMT): IoMT refers to a collection of internet-connected medical devices, hardware infrastructure and software that connect to and comprise a healthcare IT environment via edge computing. Mobile computing devices, laptop carts, electronic equipment for specialized environments like the ER or OR — all of these devices require wireless access to a larger infrastructure. IoMT presents an array of opportunities for hackers to breach the system, providing multiple points of entrance to vulnerable areas of the networks that must all be secured.
Elder financial exploitation (EFE): Phishing scams that identify and target older individuals have skyrocketed since the onset of the pandemic. An AARP report on elder fraud noted that COVID-19-related scams cost seniors $100 million in 2020, with a whopping $547 million attributed to relationship and romance scams in 2021. These attacks can arrive by email, voice or social media, and all typically involve some kind of digital currency exchange.
Security software that relies on blacklisting and whitelisting of IP addresses is clearly not sufficient to combat the great variety of AI- and ML-based threats, which are now so convincing, cunningly targeted and ubiquitous that even savvy computer users fall victim along with more vulnerable populations. To protect users from these attacks, businesses must not just educate their employees but also arm themselves with technologies that are as evolved and capable as those of the nefarious hackers, leveraging the same kinds of AI- and ML-driven tools to foil these attempts and taking the burden out of employees' hands.