Learn Why Phishing Attack Statistics Keep Skyrocketing

Each year — there is a rise in phishing attacks, in 2023 alone, there was a 967% increase in credential phishing attacks.

Yes that is correct¹, 967%.

There was also a rise of 22% in QR themed phishing attacks².

And to directly remove a myth, the myth that states that websites with a green lock are legitimate and can be trusted… Well that is wrong.

That green lock (SSL certificate) is also installed and used by cybercriminals — as it allows them to look more legitimate.

To give it a number, there was a 56% increase in phishing sites using HTTPS.

Why Do The Numbers Keep Going Up?

It is the blame of cybersecurity companies — they are not doing their jobs correctly…. Nah, we are joking.

The increase of numbers is caused by a lot of factors, here are some of them.

Accessibility to AI services

ChatGPT, Google Bard and Midjourney are some prime examples of services that are being abused by cybercriminals to craft flawless phishing attacks.

Yes, these services do have some rules in place to halt the creation of phishing attacks, but hey… phishing attacks need to look legitimate — a cybercriminal won’t prompt the AI to build a phishing email or webpage.

Cybercrime has quickly adapted and has accepted AI to be a valuable asset in the creation of cyber attacks.

No Language barrier

ChatGPT is a large language model (LLM) — and it is not limited in the languages it can respond in. This service, which is great, allows everyone to play with the language the AI system has to respond in.

This functionality is greatly boosting the options the cybercriminals have when they prompt for phishing content.

By using “free and effective” translation services, cybercriminals increase their hit ratio of phishing attacks.

• Using YARA for Malware Analysis
• Incident Response Information Sharing with IRIS
• Introduction to Disk Analysis Using Autopsy
• Step-by-Step Guide to Forensically Acquiring Logs with KAPE
• Phishing Checklist

API access and Local LLM

Now we already know that AI is being used for cybercrime, and that there are no language barriers, but we are not done yet. It gets better.

The big AI brands we just mentioned, all have API access, this means that with some code, cybercriminals are able to prompt the AI and get responses that can be used in their cyber attacks.

It even allows them to change phishing content on the fly.

But these cybercriminals are not limited to these big brands — smart tools like GPT4ALL³ allow anyone to download and use Local AI models with API access.

You just need some processing power and memory (32GB) and you are all set to go…

Some of these models are:

• gpt4all-falcon-q4_0.gguf
• orca-2-7b.Q4_0.gguf
• wizardlm-13b-v1.2.Q4_0.gguf

The availability and possibility to run local AI models, means that cybercriminals can craft their phishing content in bulk (while staying offline..)

The use of legitimate services

Just 10 years ago, most of the applications needed to create websites had to run locally, but as technology advanced, so did the creative tools and services.

Awesome tools like CANVA and service providers like Fiverr hit the spotlight.

With CANVA (online graphic design tool), you can quickly craft websites and templates, which can also be HOSTED⁴ there (with a paid CANVA account).

Fiverr, which is a “services marketplace” opened the doors to many and with just some queries, you can find freelancers that craft the best videos, audio, code OR text..

Let me summarize this real quick: All of the heavy work that is needed to create a legitimate touch and look can be outsourced with legitimate sites. There is no need for cybercrime to go on the darkweb to get “results”.

It goes on

When we take a look at criminal marketplaces,which can be anywhere, we quickly see that phishing kits are offered next to stolen databases that hold personally identifiable information (PII).

They don’t even have to come from the same seller.

Cybercriminals which offer these services, take their business very seriously.

They continue to improve and sometimes they even have their own helpdesk that provides support to those that have purchased their phishing kits (or any service actually).

We almost forgot to mention their Affiliate programs — aside from providing the option to anyone to join their illegal activities, they also provide training and support to those, to be more effective⁵. Just like a real commercial company.

Cybercrime gangs operating like a company are not weird. Cybercrime is a major business. These criminals have all the motivation they need to grow — the motivation being money.

The cost of cybercrime damage is expected to hit $9.5 Trillion USD in 2024⁶.

This brings us to the end of this post — we really hope you enjoyed this blog. Do share it around, and help us grow the Threat Intelligence Lab.

1. https://www.prnewswire.com/news-releases/slashnexts-2023-state-of-phishing-report-reveals-a-1-265-increase-in-phishing-emails-since-the-launch-of-chatgpt-in-november-2022–signaling-a-new-era-of-cybercrime-fueled-by-generative-ai-301971557.html ↩︎
2. https://www.hoxhunt.com/blog/insights-hoxhunt-cybersecurity-human-risk-benchmark-challenge ↩︎
3. https://gpt4all.io/index.html ↩︎
4. https://www.canva.com/help/canva-websites/ ↩︎
5. https://ebcs.gsu.edu/about/cybercrime-ecosystem/ ↩︎
6. https://www.einpresswire.com/article/674883055/cybercrime-damages-to-cost-the-world-9-5-trillion-usd-in-2024 ↩︎