With the new year approaching, let's look at the top cyber security threats to watch out for in 2024.
Phishing
Phishing is still the #1 tool hackers like to use to steal your data. Unfortunately, most people still have a bad habit of clicking the first button they see.
Hackers have gotten better at crafting specific emails to trick people in a hurry. And now they have and extra helper: AI.
Generative AI can be used to create very convincing phishing emails, chatbots, messages, or websites.
Advanced phishing scams like spear phishing are a lot easier, thanks to AI. While AI is busy pumping out email templates, hackers have more time to gather more intel about important people.
Phishing emails convey a sense of urgency; they will always want you to “act now”, or “transfer this ASAP”.
Do not open those emails, click on any links, or download files if you are not confident in the sender. If you aren't sure, log into the account in a separate tab.
AI-Powered Scams
AI voice and video generators are taking off. Since nearly every public figure has some type of video or voice recording, it's not hard to generate super-believable content.
Even newbie hackers have access to apps like FakeApp or Face Swap. And there is a ton of open-source deep fake software available for free on GitHub.
Social media has made it easier for hackers to push deepfakes because people pay less attention to detail. The average person will scroll and move on.
Generative AI can be exploited to create other scams such as automated customer support scams.
For example, fake customer support bots mimic the communication style of a legitimate business in an attempt to gain access to credentials.
To spot a deep fake, check for blurry or obscure features in hair, skin, or environment. The lighting will look unnatural because the algorithms use clips from different sources.
Voice deepfakes can be tougher to detect, but if you're getting a call from anyone asking for a username and password, hang up!
Browser Extensions
Google Chrome represents the lion's share of home users. If people aren't using Chrome, they are using a Chromium-based browser.
Chrome extensions are a great way to simplify the user experience. But hackers like to infiltrate the Chrome Web Store with malware.
These browser extensions seem helpful on the surface, but the true ulterior motives are hidden in the code.
For example, you might download an extension that can convert files to PDFs on the fly, but it's there to inject ads into your browser.
If Google finds a bad actor in the Chrome Store, they will ban it from being installed.
But that doesn't mean it's automatically removed from your computer. You might still need to uninstall it from your device manually.
And check your browser extensions and make sure anything unnecessary is uninstalled. The fewer extensions you have, the safer it is.
Wrapping Up
Phishing is still the number one go-to for hackers. AI is just making it easier to craft emails. If you see a message about an account being compromised, it's best to open up another tab and check for yourself.
AI is making it easier for scammers to generate malicious content. Look through any video you suspect is fake with a fine-toothed comb. With deepfakes, blurry textures, and bad lighting are the key points.
And make sure any browser extensions you use aren't a privacy nightmare. Take a look at some of the reviews; other users may report on potential issues.
