Users of a Gmail account need to be particularly careful right now.
A current phishing campaign is targeting the approximately 2.5 billion accounts that use Google’s email client. With the help of artificial intelligence, the tactics are said to be particularly dangerous, as the website PC Tablet reports.
The threat has been given the name “DeepPhish” and can create particularly convincing phishing emails that, at first glance, look like real people that you know or are aware of. This is because the AI can use a user’s personal information to inspire trust through subject lines and targeted information.
To achieve this, the AI collects data from various websites and identifies potential victims. In addition, spoofing is used to imitate an email address that resembles a real enquiry.
What are the consequences of DeepPhish?
The consequences of such a phishing attack range from loss of money and identity theft to the complete takeover of your devices and data, from where further hacking attacks can be launched. The AI algorithms ensure that DeepPhish learns with each new attack and thus becomes increasingly dangerous.
AI can also be used to make attacks even more effective. It makes it particularly easy for cyber criminals to send credible requests to a large number of people, thereby increasing the probability of the phishing attack being successful.
How to protect yourself from DeepPhish
Nevertheless, there are ways to protect yourself from DeepPhish attacks. These include:
- Be sceptical towards unknown contacts or unexpected emails. Look out for signs that someone is not who they say they are and, if in doubt, contact the person personally
- Look out for typical signs of phishing attacks such as unusual requests, acute urgency or contradictory statements
- Be careful about giving out personal information. This applies not only to who you’re emailing but also the entire internet. If you frequently share information about your private life on social media, you’re particularly at risk
- Use strong passwords, two-factor authentication and passkeys. Every step that requires additional authentication is an extra layer of protection that attackers have to overcome
- Keep up to date with the latest security updates and always keep your devices up to date. Security gaps that are actively exploited pose an additional threat
- Train your eye to recognise AI-generated content. There are typical signs that can be recognised in both texts and images, no matter how sophisticated the AI is
An easy way to upgrade your security is by getting a VPN – read our guide to the best VPNs available right now.
To be clear, DeepPhish is in no way related to DeepSeek, the AI chatbot that has been making lots of headlines. Read our DeepSeek AI explainer to learn more.
This article originally appeared on our sister publication PC-WELT and was translated and adapted from German.
