One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8494488 |
| Date de publication | 2024-05-06 07:54:03 (vue: 2024-05-06 09:07:05) |
| Titre | Genai alimente la dernière vague des menaces de messagerie modernes GenAI Is Powering the Latest Surge in Modern Email Threats |
| Texte | Generative artificial intelligence (GenAI) tools like ChatGPT have extensive business value. They can write content, clean up context, mimic writing styles and tone, and more. But what if bad actors abuse these capabilities to create highly convincing, targeted and automated phishing messages at scale? No need to wonder as it\'s already happening. Not long after the launch of ChatGPT, business email compromise (BEC) attacks, which are language-based, increased across the globe. According to the 2024 State of the Phish report from Proofpoint, BEC emails are now more personalized and convincing in multiple countries. In Japan, there was a 35% increase year-over-year for BEC attacks. Meanwhile, in Korea they jumped 31% and in the UAE 29%. It turns out that GenAI boosts productivity for cybercriminals, too. Bad actors are always on the lookout for low-effort, high-return modes of attack. And GenAI checks those boxes. Its speed and scalability enhance social engineering, making it faster and easier for attackers to mine large datasets of actionable data. As malicious email threats increase in sophistication and frequency, Proofpoint is innovating to stop these attacks before they reach users\' inboxes. In this blog, we\'ll take a closer look at GenAI email threats and how Proofpoint semantic analysis can help you stop them. Why GenAI email threats are so dangerous Verizon\'s 2023 Data Breach Investigations Report notes that three-quarters of data breaches (74%) involve the human element. If you were to analyze the root causes behind online scams, ransomware attacks, credential theft, MFA bypass, and other malicious activities, that number would probably be a lot higher. Cybercriminals also cost organizations over $50 billion in total losses between October 2013 and December 2022 using BEC scams. That represents only a tiny fraction of the social engineering fraud that\'s happening. Email is the number one threat vector, and these findings underscore why. Attackers find great success in using email to target people. As they expand their use of GenAI to power the next generation of email threats, they will no doubt become even better at it. We\'re all used to seeing suspicious messages that have obvious red flags like spelling errors, grammatical mistakes and generic salutations. But with GenAI, the game has changed. Bad actors can ask GenAI to write grammatically perfect messages that mimic someone\'s writing style-and do it in multiple languages. That\'s why businesses around the globe now see credible malicious email threats coming at their users on a massive scale. How can these threats be stopped? It all comes down to understanding a message\'s intent. Stop threats before they\'re delivered with semantic analysis Proofpoint has the industry\'s first predelivery threat detection engine that uses semantic analysis to understand message intent. Semantic analysis is a process that is used to understand the meaning of words, phrases and sentences within a given context. It aims to extract the underlying meaning and intent from text data. Proofpoint semantic analysis is powered by a large language model (LLM) engine to stop advanced email threats before they\'re delivered to users\' inboxes in both Microsoft 365 and Google Workspace. It doesn\'t matter what words are used or what language the email is written in. And the weaponized payload that\'s included in the email (e.g., URL, QR code, attached file or something else) doesn\'t matter, either. With Proofpoint semantic analysis, our threat detection engines can understand what a message means and what attackers are trying to achieve. An overview of how Proofpoint uses semantic analysis. How it works Proofpoint Threat Protection now includes semantic analysis as an extra layer of threat detection. Emails must pass through an ML-based threat detection engine, which analyzes them at a deeper level. And it does |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | $50 business cybercriminals we 000+ 1 100 2 2013 2022 2023 2024 250 365 500 ability about abuse according accuracy achieve across actionable activities actors advanced after against aimed aims all allow allows already also always analysis analysis analysts analyze analyzes announced anomalies apply approach are around array artificial ask attached attachments attack attackers attacks attributes authentication automated available bad based bec bec emails become before behavior behavioral behind below better between billion block blog boosts both boxes breach breaches brief broad business businesses but bypass can capabilities capture catch causes centric chain changed changing characterized chatgpt checks choose classifications clean click closer code combat comes coming commitment committed complete complex comprehensive compromise constantly contemporary content context contextual continuous continuously convincing cost countries create credential credible crucial customers cybercriminals daily dangerous data datasets decades december deeper defenders defined delivered delivers delivery demonstrated detect detection determined different does doesn doubt down during easier efficacy effort either element else email emails embedding emerging employ end engine engineering engines enhance errors even ever evolve example excel expand explainability exploiting extensive extra extract faster features fidelity file find findings fine first flags fortune found fraction fragmentation fraud fraud” frequency from game genai generation generative generic given globe goal google grammatical grammatically great happening has have headers help here high higher highly how human identifies identify images important inboxes included includes including: increase increased independent indicators industry information innovates innovating innovation innovation intelligence intent investigations involve its japan jumped just key korea landscape language languages large latest launch layer layered layering learn learned let level like line links llm long look lookout looks losses lot low making malicious many market massive matter meaning means meanwhile message messages method methods mfa microsoft millions mimic mine mistakes model modern modes month more most multifactor multilayered multiple must myriad need new next not notes now nuances number obvious october one online only organizations oriented other out over overview pass past patents payload payment people per perfect personalized phish phishing phrases post power powered powerful powering predelivery proactive probably process productivity proofpoint protect protecting protection provides quarters ransomware reach receiver red relationships rely report report from representations represents return right root routing salutations scalability scale scams schemes secured security security see seeing semantic semantics sender sentences sentiment set signals similarity simple single social solution someone something sophisticated sophistication speed spelling stack state step stop stopped style styles success surge suspicious systems tactics take talked target targeted taxonomy technique techniques technologies technology telephone tens text than that theft them these they those threat threats three through throughout time tiny toad tone too tools total toward traits trust trying tune turns two types uae underlying underscore understand understanding urgency url use used users uses using value variations various vector verizon vulnerabilities weaponized what when which why wide widest will within wonder words works works workspace would write writing written year your “bank |
| Tags | Ransomware Data Breach Tool Vulnerability Threat |
| Stories | ChatGPT |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.