As businesses face the growing challenges of an AI-driven world, the landscape of cybersecurity threats has shifted dramatically, with hybrid work adding another layer of complexity.
To gather insights about the impact of these changes, as well as other security challenges, we surveyed 1,000 U.S.-based employed adults and 500 U.S.-based IT leaders. Let’s dive into some of the insights about AI-powered phishing.
The daunting challenge in a shifting cybersecurity landscape
Artificial intelligence (AI) has intensified risks to password security, enabling large-scale yet highly effective phishing attacks that bypass traditional defenses, such as rule-based threat detection.
Meanwhile, changes in workplace behavior, including the mixing of personal and professional devices, have widened the attack surface for hackers. Plus, shadow IT further expands vulnerabilities within businesses.
IT leaders now face the daunting challenge of managing these escalating threats. They are balancing the demands of training, organizational changes, and compliance requirements—all while confronting the growing risk of a breach.
—Frederic Rivain, Chief Technology Officer, Dashlane
“The average employee can face several phishing attempts in just one day, and IT teams need the tools to monitor, support, and empower employees to mitigate risks,” says Dashlane CTO Frederic Rivain. “And while the passwordless future promises to remove much of the risk and pain felt because of passwords, we’re not there yet.”
Recognizing the limitations of traditional approaches, many IT teams are urgently seeking more comprehensive, proactive solutions to address these growing risks.
AI-powered phishing: The imminent danger to your security
AI is enabling cybercriminals who want to access your business’ data. It now makes it easier than ever for these criminals to launch phishing and spear phishing attacks cheaply and on a mass scale.
Attackers are using a new generation of phishing kits, including those leveraging tools such as EvilProxy and incorporating large language models and generative AI, to send highly personalized, convincing messages. These kits also use advanced tactics, including deepfakes and AI-generated content, to carry out increasingly sophisticated scams.
IT leaders and employees report that this rise in AI and the subsequent sophistication of phishing attacks have increased the risk to credential security:
Our data also reflects the growing threat of phishing:
Despite AI accelerating phishing attacks and advancements, many businesses are still taking a traditional approach.
Coming soon in the next installment in this blog series, learn what the data says about traditional approaches to credential security and how they’re failing the modern workforce.
Sign up to receive news and updates about Dashlane
