Image: Dall-E/Petter Ahrnstedt
According to a new report by Menlo Security (PDF), a 140 percent rise in browser-based attacks has been recorded over the last year. This is in addition to a 130 percent rise in zero-hour attacks (i.e. novel attacks that cannot be detected by existing detection tools).
This explosive growth is due to a number of factors: our reliance on browsers in the workplace, zero day vulnerabilities, advanced phishing tool, and the increasing adoption of generative AI.
Criminals now use AI to create convincing phishing sites, trick users with false AI services, and automate their targeted attacks. According to security strategist Andrew Harding, advanced social engineering is being combined with “Phishing-as-a-Service” kits and zero-day vulnerabilities. All signs point towards this trend increasing in 2025.
This report also shows how fake AI sites do not just steal login credentials. Many of these sites trick users into downloading infected files, such as fake resume generators. Mobile devices are even more vulnerable, as auto-logins and small screens hide red flags.
In 2025, AI fraud will increase, making it more difficult to distinguish between legitimate sites and malicious ones…
Scam activities, such as fake AI tools that offer premium AI services, will be used by scammers to steal login credentials, personal data, and redirect users to phishing pages. Social engineering techniques that exploit user trust will be crucial to targeting search engines and social media platforms. Be on the lookout when you receive emails that seem to be legitimate, especially those from well-known organizations like PayPal. Double-check all links and downloads before clicking them. Check the authenticity of any website before entering your credentials or revealing sensitive personal information. This article was originally published in our sister publication PC for Alla (19459027) and has been translated and localized.
