Fraudsters are using AI Phishing and ‘Juice Jacking’ to target travellers.

Fraudsters are using AI Phishing and 'Juice Jacking' to target travellers.



With the summer travel season in full swing and travelers hitting the road, cybercriminals are turning to new technologies to execute scams and steal information, from artificial intelligence email attacks to fake smartphone chargers to prey on power-hungry travelers.

According to a recent report by cyber security firm SlashNext, phishing email attacks have increased by 856 percent over last year, an increase that it says is driven in part by generative AI. The technology allows fraudsters to send phishing emails in multiple languages ​​at the same time, which has led to a 4151% increase in malicious emails since ChatGPT was launched in 2022.

“A threat actor can trigger AI to write an email quickly and in any language at zero cost,” SlashNext CEO Patrick Harr said in an interview. [phishing emails] I can write not only in English but in different languages ​​and target multiple people in different parts of the world and I can do it literally in seconds.

A recent report by the International Business Times highlighted a sharp rise in phishing attacks targeting business and leisure travelers with fake website listings and steep discounts—for example, a Swiss mountain resort that offers $200 a night, while other sites claim $1,000 a night.

bybit

Marnie Wilking, booking.com's chief data security officer, told IBT: “If there is even the slightest doubt, call the property, hosts and customer support.

Booking.com did not immediately respond to a request for comment from Decrypt.

A phishing attack involves sending messages to unsuspecting victims who click on a link to a malicious website or application, tricking users into entering personal or security information such as passwords.

In January, cybercriminals took more than $700,000 from phishing victims using the Mailerlite service.

A new form of phishing, “funny” or text message phishing, Harar is an increasingly popular and dangerous method of attacking cell phones.

“Obviously we've moved to a mobile world a long time ago and people are very used to using texting, and these bad actors are always going to go where you're comfortable and try to intrude themselves,” Harr said. “What we've seen as a change in ‘magic' is now it's not just ‘click here' because your gift package is at the door.”

After businesses adopted QR codes during the Covid-19 pandemic, Harr said the ubiquitous signs are now being used by fraudsters.

“80 percent of all phones have no protection against phishing,” Harr said, citing a recent Verizon report. “So that's why they're using QR codes—they're trying to get you to pay for something, reveal sensitive information about yourself, or steal your password.”

Squeeze juice

While phishing attacks are far and away the most prevalent attack vector used by cybercriminals, the US Federal Communications Commission (FCC) recently issued a warning about “juicy scams” aimed at travelers looking to charge their devices at airports and hotels.

Attackers use technology built into the USB standard to transfer power and data. When a maliciously configured USB port or cable is plugged into a victim's device, it can steal data or install unwanted software.

To avoid this type of attack, the FCC recommends plugging personal chargers into mainstream power outlets and using portable batteries, or using data blocks that ensure USB connections are limited to power transfers.

Vigilance throughout the year

Decrypt reached out to the US Cyber ​​Security and Infrastructure Security Agency (CIA) for further advice.

A CISA spokeswoman pointed to resources available to help consumers better protect themselves from phishing scams, including common phishing signs such as urgent or emotional language, requests for personal information and false email addresses.

Misspelled words used to be a clear sign of a phishing attack, but the CIA says it's no longer widely used.

“This is something people can do all year round to stay safer, not just in the summer,” a CISA spokesperson told Decrypt.

Edited by Ryan Ozawa.

Generally intelligent newspaper

A weekly AI journey narrated by a generative AI model.



Leave a Reply

Pin It on Pinterest