Browser-based phishing attacks surge due to AI

Artificial intelligence has driven the 140% year-over-year increase in browser-based phishing intrusions in 2024, with the technology also behind the 130% year-over-year growth in zero-hour phishing attack prevalence, SiliconAngle reports.

While most of the browser-based phishing attempts involved the spoofing of Microsoft, Facebook, and Netflix, generative AI service impersonation has been on the rise — with almost 600 incidents involving the use of fake generative AI platform sites, according to a study from Menlo Security. Additional findings revealed not only a spike in phishing sites since 2020 but also a surge in subdomain provider-hosted phishing incidents, as well as the mounting usage of ads in widely known websites to facilitate malware compromise. Such a report was noted by Black Duck Software's Thomas Richards to signify threat actors' accelerated acclimation to new technologies. "Every new advancement in technology is a double-edged sword; powering automation and increase in hosted services helps businesses and malicious actors alike. [Software-as-a-service] providers should begin implementing malicious detection to lock and remove accounts that are suspicious and hosting malicious or impersonating content," said Richards.