AI/ML, Phishing

AI-based scam spoofing law firms uncovered

More than 150 domains spoofing law firms have been created as part of an AI-assisted business impersonation scam, according to SecurityWeek.

Numerous registrars across different IP ranges have been tapped for the domains, which have unique SSL/TLS certificates and have been concealed via Cloudflare, a report from Sygnia revealed. Such domains may have been leveraged for the repeated targeting of individuals who had been scammed, as indicated by the use of a phone number previously found in other scam campaigns. More threat actors are expected to launch similar AI-powered scams, noted Sygnia Director of IR Research Amir Sadon.

"[AI] enables less-skilled actors to carry out more sophisticated attacks, particularly in areas like phishing, social engineering, fraud, malware development, and reconnaissance. At the same time, AI allows criminals to automate operations and adapt more quickly, meaning the overall volume and diversity of cybercrime is expected to grow even if the number of highly skilled actors remains relatively stable," said Sadon.

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds