Email attacks on business tripled in 2023 — and ChatGPT was often the culprit

Chat-GPT is being used in more attacks, experts warn

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Email attacks against businesses have increased dramatically as hackers continually use generativeAI toolsto optimize their content and streamline malicious campaigns, new research has claimed.

A new report from Acronis based on data collected from more than a million uniqueendpointsacross 15 countries, found AI-poweredphishingaffected more than 90% of organizations last year, and that AI helped email attacks grow by 222% between the second half of 2023, and today.

“There’s a disturbing trend being recognised globally where bad actors continue to leverageChatGPTand similar generative AI systems to increase cyberattack efficiency, create malicious code, and automate attacks,” said Candid Wüest, Acronis VP of Product Management. “Now, more than ever, corporations need to prioritize comprehensive cyber protection solutions to ensure business continuity.”

Leveraging Chat-GPT

Email attacks, mostly phishing, remain the primary vectors of infection, the report further states, with organizations experiencing a notable 54% increase in the number of attacks, per firm. Most of the attacks happened in Singapore, Spain, and Brazil, and Acronis identified a third of emails (33.4%) as spam. An additional 1.5% containedmalware, or phishing links, it said.

Phishing is the primary infection vector for a number of reasons: email is omnipresent, it’s simple to use, and it’s cheap. It’s also easy to automate. Finally, victims overwhelmingly trust their email service providers to keep them safe from threats, often clicking on links and downloading attachments without second-guessing their good nature.

In the pre-ChatGPT era, the easiest way to spot a phishing attack was to just use common sense and read the email message. Hackers are rarely English majors (many don’t live in English-speaking countries), and their messages were full of spelling and grammar mistakes, as well as clumsy wording and different inconsistencies. However, since the introduction of generative AI tools, email messages have become significantly more convincing.

“The Acronis Cyberthreats Report H2 2023 highlights the continued threats faced by businesses of all sizes worldwide,” said Michael Suby, Research VP, IDC. “Unfortunately, bad actors continue to profit from these activities and are leveraging AI-enhanced techniques to create more convincing phishing schemes, guaranteeing that this problem will continue to plague businesses.”

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics