The agency explained that this utilization allows them to formulate personalized messages, effectively deceiving victims into disclosing sensitive information.
This revelation was made in a recent advisory discussing the perils of phishing.
The advisory clarified that phishing attacks manipulate individuals into opening infected email attachments, clicking on malicious links, or surrendering sensitive information, including usernames, passwords, or bank details.
NITDA stated, “These attacks may manifest as phishing emails, phone calls, or text messages, aiming to exploit individuals through manipulation. User account credentials are valuable targets for cybercriminals because they can be used to access personal and organisational networks. Email-based phishing attacks have become the most common way for attackers to obtain user credentials.”
It highlighted that AI had provided more ammunition for attackers, who could improve their modus operandi.
It expanded, “This involves using Al to conduct thorough research on potential victims and creating personalised messages to effectively deceive them into divulging sensitive information. This advanced approach shows how phishing attacks are getting more sophisticated and finding new ways to catch people off guard.”
It advised people to be careful about the emails they open and the links they click on.
The agency stressed that individuals must never enter their personal information on any website that they do not trust.
It added, “Use strong passwords and keep them safe; organisations and individuals should engage in continuous education and remain abreast of potential phishing threats; report suspected incidents to relevant contacts.”
In its ‘Security Bulletin: Statistics of the Year Report,’ Kaspersky revealed that an average of 411,000 malicious files were sent every day in 2023, underscoring an increase in cyber threats.
It noted that its systems detected about 125 million malicious files in total in the year.