SANS360 Talks | AI-Driven Phishing Attacks

SANS Institute · Advanced ·🔐 Cybersecurity ·1y ago

Key Takeaways

The video discusses AI-driven phishing attacks, highlighting the use of AI-generated voices, deep clones, and personalized content to make attacks more convincing, and provides case studies on generating phishing pages, deep fakes, and voice cloning.

Full Transcript

So uh hey uh thank you everyone for uh joining me here. So I'm I'll be talking about uh AIdriven uh fishing attacks. Um so generally um so imagine the situation where you receive a call from your CEO except that it is not your CEO it's an AI generated voice and they're asking for the typical thing that a scammer would do. They're asking for some private information like in this case a wire transfer. So the trend that we are seeing here is that AI can mimic trusted individuals and it can make fishing even more convincing. Uh so I'm going to start by defining the problem then I'm going to give you some ideas about some trends and we're going to end it with uh three quick case studies. Um so here the with the advancement of AI uh fishing is likely one of the things that is going to get affected the most. Um so in with AI you can have things like AI based personalization of voice you can have deep clones and all those other things and it also increases the sophistication of the attack making the attack look even more legitimate and the problem here is that traditional defenses are not ready for the new AI based uh uh fishing uh trend that's going on and it can cause even bigger like financial and reputational damage. So the the mechanism here is that it starts by some data harvesting. So the attacker will scrape for some social media or like public information that they have about the person. Then it will uh generate AI content like for example they'll generate human like emails or messages in the style of that person based on any content that they have. And then the third thing that is happening is we have voice and video cloning where you you must have seen these trends about deep fakes that are going on. Um so these are some trends that I have on the screen. Um so fishing attacks surged by uh 58.2% in 2023. So I don't we don't have the stats for 2024 yet but it was a big surge as you can see. And there have been new trends in fishing which is voice fishing and deep uh deep fake attacks uh which are significantly on the rise. And the two most published scams were or like fishing trends were tech support scams and QR capture scams. And this is from a report by Zcaler. Um now we're going to go into three case studies. The first one is generating a fishing page with AI. So as you can see on the screen we have uh we're using chat GPD to generate a fishing login page uh that looks exactly like the Microsoft signin page. So as you can see we started off with just a simple uh login SSO page which doesn't look too appealing or like a Microsoft page but then eventually through like multiple refinements we able to get to a stage where we have an distinctly looking uh Microsoft signin page here. Um and this was the like this is one of the capabilities that um attackers are using to generate really accurate content as and as you can see with the new image generator of chat GBT um how uh significantly important it is to stay aware aware of all these kinds of trends. So the second case study is about deep fakes and you must have seen this typical trend of Elon Musk promising you to double your crypto or maybe something like this where you have an Elon Musk deep fake um who is like deceiving individuals into investing money. So this was one of the case studies that I want to talk about and the third one is about wishing and this was something that actually happened to Zcaler's own CEO. So the attacker um called an employee on WhatsApp and they use an AI generated clone of the CEO and just to ensure that it's not too suspicious they made up something like hey the cell reception is not that good and then they immediately followed up with a text message and the conversation continued but the employee was suspicious of that and reported to the security team and then they investigated the the report and they realized as it was part of a widespread uh wishing campaign. So uh some of the call of action for from this is to stay proactive to make sure that your your company is uh continually updated on security policies and training and to make sure that you are uh on on the um on the significantly higher side or the or the more advanced on the defensive side to make sure that you're aware of all of these uh advancements that are going on with fishing and AI. um and use things like advanced thread detection, deep fake spotting tools and of course the third and the most important thing is to build a culture of vigilance. So ensure that you uh encourage on something like internal reporting and uh allow your employees to um flag suspicious content because usually these kinds of things uh humans are the weak links and usually it is some form of an employee from which these attackers are able to get in. But uh but yeah uh that was about it. Thank you so much. If you want to take uh grab these slides, you can grab it from the URL. Thank you. [Applause]

Original Description

SANS AI Cybersecurity Summit 2025 SANS360 Talks present 10 experts that have 360 seconds to deliver actionable AI/ML strategies for enhancing your security workflows. AI-Driven Phishing Attacks - Chaitanya Rahalkar Uncover how cybercriminals are weaponizing AI to create more deceptive and scalable phishing campaigns. View upcoming Summits: http://www.sans.org/u/DuS
Watch on YouTube ↗ (saves to browser)
Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from SANS Institute · SANS Institute · 0 of 60

← Previous Next →
1 SANS FOR610: Reverse Engineering Malware: Malware Analysis Tools & Techniques
SANS FOR610: Reverse Engineering Malware: Malware Analysis Tools & Techniques
SANS Institute
2 SANS Institute Cybersecurity Training Customer Stories
SANS Institute Cybersecurity Training Customer Stories
SANS Institute
3 SANS Institute UK Cyber Academy
SANS Institute UK Cyber Academy
SANS Institute
4 SANS Institute UK Cyber Academy
SANS Institute UK Cyber Academy
SANS Institute
5 CISSP® Prep Exam, MGT414, by SANS Institute
CISSP® Prep Exam, MGT414, by SANS Institute
SANS Institute
6 SANS Institute's Rob Lee Discusses The OPM.GOV Hack on CNN
SANS Institute's Rob Lee Discusses The OPM.GOV Hack on CNN
SANS Institute
7 Information Security Training from SANS Institute - Student Testimonials
Information Security Training from SANS Institute - Student Testimonials
SANS Institute
8 SANS NetWars
SANS NetWars
SANS Institute
9 SANS DFIR NetWars
SANS DFIR NetWars
SANS Institute
10 Hack The Drone - SANS Cyber Academy UK
Hack The Drone - SANS Cyber Academy UK
SANS Institute
11 SANS VetSuccess Immersion Academy
SANS VetSuccess Immersion Academy
SANS Institute
12 SANS Cybersecurity Training, Certifications & Placement for Veterans
SANS Cybersecurity Training, Certifications & Placement for Veterans
SANS Institute
13 The 2015 SANS Holiday Hack Challenge
The 2015 SANS Holiday Hack Challenge
SANS Institute
14 SANS VetSuccess Academy: Hands-on Skills
SANS VetSuccess Academy: Hands-on Skills
SANS Institute
15 SANS VetSuccess Academy Overview
SANS VetSuccess Academy Overview
SANS Institute
16 SANS ICS Security Summit & Training 2017
SANS ICS Security Summit & Training 2017
SANS Institute
17 Exploring the Unknown Industrial Control System Threat Landscape – SANS ICS Security Summit 2017
Exploring the Unknown Industrial Control System Threat Landscape – SANS ICS Security Summit 2017
SANS Institute
18 WannaCry recap, patches, and analysis
WannaCry recap, patches, and analysis
SANS Institute
19 If We’re Doing So Well at Cyber Security, Why Are We Still Doing So Poorly?
If We’re Doing So Well at Cyber Security, Why Are We Still Doing So Poorly?
SANS Institute
20 Graduation Day - SANS HM Gov Cyber Retraining Academy
Graduation Day - SANS HM Gov Cyber Retraining Academy
SANS Institute
21 Incentivizing ICS Security: The Case for Cyber Insurance – SANS ICS Security Summit 2017
Incentivizing ICS Security: The Case for Cyber Insurance – SANS ICS Security Summit 2017
SANS Institute
22 SANS Data Breach Summit & Training 2017
SANS Data Breach Summit & Training 2017
SANS Institute
23 SANS Secure DevOps Summit & Training 2017
SANS Secure DevOps Summit & Training 2017
SANS Institute
24 How Threats Are Slipping In the Back Door - SANS ICS Security Summit 2017
How Threats Are Slipping In the Back Door - SANS ICS Security Summit 2017
SANS Institute
25 SANS Webcast – Continuous Opportunity: DevOps & Security
SANS Webcast – Continuous Opportunity: DevOps & Security
SANS Institute
26 SANS Cybersecurity Programs for the Department of Defense
SANS Cybersecurity Programs for the Department of Defense
SANS Institute
27 SANS Pen Test HackFest Summit & Training 2017
SANS Pen Test HackFest Summit & Training 2017
SANS Institute
28 SANS SIEM & Tactical Analytics Summit & Training
SANS SIEM & Tactical Analytics Summit & Training
SANS Institute
29 If We’re Doing So Well, Why Are We Still Doing So Poorly? – SANS ICS Security Summit 2017
If We’re Doing So Well, Why Are We Still Doing So Poorly? – SANS ICS Security Summit 2017
SANS Institute
30 SANS Institute
SANS Institute
SANS Institute
31 ICS515: ICS Active Defense and Incident Response
ICS515: ICS Active Defense and Incident Response
SANS Institute
32 SANS Institute
SANS Institute
SANS Institute
33 Introducing the NEW SANS Pen Test Poster
Introducing the NEW SANS Pen Test Poster
SANS Institute
34 SANS Institute - An Inside Look at the Newly Updated ICS515 Course
SANS Institute - An Inside Look at the Newly Updated ICS515 Course
SANS Institute
35 SANS ICS Security Training, Munich, Germany
SANS ICS Security Training, Munich, Germany
SANS Institute
36 SANS Automotive Summit Webcast
SANS Automotive Summit Webcast
SANS Institute
37 Privesc Playground - SANS Pen Test HackFest Summit 2017
Privesc Playground - SANS Pen Test HackFest Summit 2017
SANS Institute
38 Introduction to Reverse Engineering for Penetration Testers – SANS Pen Test HackFest Summit 2017
Introduction to Reverse Engineering for Penetration Testers – SANS Pen Test HackFest Summit 2017
SANS Institute
39 Honey, Please Don’t Burn Down Your Office: Fun with Smart Home Automation
Honey, Please Don’t Burn Down Your Office: Fun with Smart Home Automation
SANS Institute
40 SANS Security Operations Summit & Training 2018
SANS Security Operations Summit & Training 2018
SANS Institute
41 Sh*t Happens!  (But You Still Need to Drink the Water) – SANS ICS Summit 2018
Sh*t Happens! (But You Still Need to Drink the Water) – SANS ICS Summit 2018
SANS Institute
42 ICS Threat Intelligence: Moving from the Unknowns to a Defended Landscape – SANS ICS Summit 2018
ICS Threat Intelligence: Moving from the Unknowns to a Defended Landscape – SANS ICS Summit 2018
SANS Institute
43 You’re Probably Not Red Teaming (And Usually I’m Not, Either) – SANS ICS Summit 2018
You’re Probably Not Red Teaming (And Usually I’m Not, Either) – SANS ICS Summit 2018
SANS Institute
44 A Sneak Peak at the New ICS410
A Sneak Peak at the New ICS410
SANS Institute
45 Jumping Air Gaps – SANS ICS Summit 2018
Jumping Air Gaps – SANS ICS Summit 2018
SANS Institute
46 Introduction to Linux
Introduction to Linux
SANS Institute
47 Introduction to Malware Analysis
Introduction to Malware Analysis
SANS Institute
48 You’re Probably Not Red Teaming (And Usually I’m Not, Either) Webcast by Deviant Ollam
You’re Probably Not Red Teaming (And Usually I’m Not, Either) Webcast by Deviant Ollam
SANS Institute
49 Hacking your SOEL: SOC Automation and Orchestration – SANS Security Operations Summit 2018
Hacking your SOEL: SOC Automation and Orchestration – SANS Security Operations Summit 2018
SANS Institute
50 Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework
Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework
SANS Institute
51 Apples and Oranges?:  A CompariSIEM – SANS Security Operations Summit 2018
Apples and Oranges?: A CompariSIEM – SANS Security Operations Summit 2018
SANS Institute
52 SANS Webcast - Perimeter Security and Why it is Obsolete
SANS Webcast - Perimeter Security and Why it is Obsolete
SANS Institute
53 SANS Webcast - Trust No One: Introducing SEC530: Defensible Security Architecture
SANS Webcast - Trust No One: Introducing SEC530: Defensible Security Architecture
SANS Institute
54 The Science of Security: The Psychological Impacts of Security Awareness Programs
The Science of Security: The Psychological Impacts of Security Awareness Programs
SANS Institute
55 How I Pulled Off an Edgy Security Campaign – SANS Security Awareness Summit 2018
How I Pulled Off an Edgy Security Campaign – SANS Security Awareness Summit 2018
SANS Institute
56 Practical Advice for Submitting to Speak at a Cybersecurity Conference
Practical Advice for Submitting to Speak at a Cybersecurity Conference
SANS Institute
57 SANS Webcast - Consuming OSINT: Watching You Eat, Drink, and Sleep
SANS Webcast - Consuming OSINT: Watching You Eat, Drink, and Sleep
SANS Institute
58 SANS Webcast - Zero Trust Architecture
SANS Webcast - Zero Trust Architecture
SANS Institute
59 SANS STX Cyber Range
SANS STX Cyber Range
SANS Institute
60 Part 1 – SANS Institute and Tenable talk about cloud security
Part 1 – SANS Institute and Tenable talk about cloud security
SANS Institute

The video discusses the increasing threat of AI-driven phishing attacks and provides case studies on generating phishing pages, deep fakes, and voice cloning. It emphasizes the importance of staying proactive, updating security policies, and building a culture of vigilance to combat these threats.

Key Takeaways
  1. Stay updated on phishing attack trends
  2. Implement advanced threat detection
  3. Use deep fake spotting tools
  4. Build a culture of vigilance
  5. Encourage internal reporting
  6. Flag suspicious content
💡 AI-driven phishing attacks are becoming increasingly sophisticated, making it essential to stay proactive and update security policies to combat these threats.

Related Reads

📰
Top 20 Cyber Security Interview Questions for Freshers
Learn the top 20 cyber security interview questions for freshers to boost your career in cyber security
Dev.to AI
📰
Managing a Million Security Profiles at the Edge
Learn how to manage a large number of security profiles at the edge of a global network by predicting site defenses and traffic patterns
Medium · AI
📰
The First Five Minutes After an Employee Clicks a Phishing Link
Learn what happens in the first five minutes after an employee clicks a phishing link and why it matters for cybersecurity
Medium · Cybersecurity
📰
IDOR simple way with no burpsuite banged P3
Learn a simple way to identify IDOR vulnerabilities without using Burpsuite, and understand the impact and reporting of such vulnerabilities
Medium · Cybersecurity
Up next
Best VPN For China 2026 — Which One Actually Works?
Tutorial Stack
Watch →