ChatGPT Gemini Users, Optimizely Vishing Breach, Telecom AI Protection
Last week was all about phishing, vishing, and spoofing attacks that kept the experts on their toes. While GPS spoofing attacks saw a sudden spike due to regional conflicts between the US and Iran, the ad tech brand Optimizely was targeted by a group of threat actors. Also, cybercrooks have been trying to exploit users by leveraging malicious ChatGPT and Gemini apps. But the silver lining is that experts are trying to make the most of artificial intelligence to prevent voice-spoofing scams.
If you use ChatGPT and Gemini, you’ve got to see this!
A new phishing campaign involving fake AI tools such as Gemini and ChatGPT is doing the rounds. The end goal is to persuade users to download malicious iOS apps and to share sensitive data, such as Facebook login details.

The victim receives a phishing email that promotes account management tools, a specific business, or advertising. It also contains malicious links that redirect the recipient to fake apps developed explicitly to harvest user credentials.
What makes the phishing campaign so credible is the use of AI branding. The moment a victim downloads the fake app, they’re asked to sign in using their Facebook login credentials. The hackers justify the request by claiming that these details will be needed for account access and ad management at a later stage.
But the reality is that the stolen credentials can be misused by the cybercrooks to break into your Facebook accounts. Accounts connected with some kind of business are particularly vulnerable to such attacks. Further, these compromised business accounts can be leveraged to carry out fraudulent activities like scam promotions, ad fraud, and so on.
This new phishing campaign hints at an ongoing shift in the cyberattack ecosystem. Threat actors are gradually transitioning from malicious websites to mobile apps.

Optimizely’s business contact details got compromised in a vishing scam!
Optimizely, the US-based ad tech brand, suffered a data breach incident that led to business data compromise. Threat actors, most likely some members of the ShinyHunters gang, used a vishing attack to target Optimizely.
Based in New York, Optimizely operates across 21 global locations. The ad tech brand has an employee base of over 1500 people, and it serves renowned names such as PayPal, Toyota, H&M, Zoom, and so on.
Optimizely has been sending data breach notification letters to its affected customers. In the letter, the company has stated that it came to know about the data breach incident on February 11. It immediately jumped into action and discovered that threat actors had used a vishing attack. But the good news is that the cybercrooks were unable to dig deeper and inflict further damage.

It was indeed a sophisticated attack, and it affected some of the internal business systems. Optimizely has urged customers to exercise caution against spear phishing attacks.
Optimizely’s contact data breach highlights the need for strong cybersecurity and proper email authentication with DMARC, DKIM, and SPF.
Telecom operators are relying on AI to prevent voice spoofing attacks!
Voice spoofing scams are on the rise. The easy accessibility of voice cloning tech has made things even more convenient for scammers.
Telecom operators have been trying to leverage AI to curb the growing nuisance of voice spoofing. These AI tools are designed to analyse audio in real time. From voice characteristics and caller identification metadata to audio signals, these AI-backed systems will evaluate everything.

These AI tools are designed to identify synthetic speech and monitor suspicious calling behavior.
Although AI can successfully detect a voice spoofing attack and disrupt it, the same is not applicable to deepfake scams. These AI tools fail to distinguish between a human call and a deepfake call because deepfakes make the fake voice more convincing, credible, and hyper-personalized.
Regional conflict now affecting aviation risks – GPS spoofing on the rise

Incidents of GPS spoofing have spiked significantly because of the ongoing regional conflicts between the US and Iran. Commercial aircraft that fly between the UAE and the Persian Gulf are being targeted by cybercrooks left, right, and center. The hackers are manipulating the navigation signals of these air carriers.
This is a serious concern as the cyber warfare tactic can severely hamper civilian air traffic.

False signals can make it extremely difficult for pilots to fly the aircraft. From route optimization and navigation to safe landing, everything is affected by such fake signals. Following a fake signal can lead flights into militarised or restricted airspace. Such incursions can further lead to defensive actions by the military due to geopolitical tensions.
Since March, hundreds of flights have been affected by such signal anomalies. Authorities have taken preventive measures such as adjusting the routes and bolstering the cyber ecosystem.
