Between September 2023 and December 2023, the number of novel social engineering attacks increased by 35 per cent
That’s according to Darktrace based on data from its customer base. Novel social engineering is a phishing tactic in which emails use more sophisticated language than before, such as increased text volume, longer sentences and improved punctuation.
The improved use of language could be related to the broader availability of large language models, which can help optimize text. The connection cannot be confirmed, but “the continued increase in these advanced techniques suggests that attackers are more frequently using generative AI tools to make their attacks more powerful.” According to the security company, generative AI has given malicious actors the means to develop targeted attacks quickly and at scale.
Another indication of this connection is Darktrace’s figures on novel social engineering in January and February 2023. During that period, the number of attacks increased by 135 per cent, coinciding exactly with the widespread adoption of ChatGPT.
Overall increase
In addition to the rise in novel social engineering, Darktrace notes that the overall number of phishing attacks within its customer base is increasing. Companies using Darktrace received 2,867,000 phishing emails in December alone, up 14 per cent from September.
Tip: Brand spoofing: criminals increasingly disguise themselves as local businesses