The National Information Technology Development Agency (NITDA) has advised Nigerians to be cautious of their activities on the internet as cybercriminals have upped their game in phishing attacks with the use of Artificial Intelligence (AI) tools.
The Agency in its latest advisory to the public, said AI now allows the attackers to conduct thorough research on their victims and create personalized messages to trick them into releasing their sensitive information.
According to NITDA, phishing attacks involve manipulating individuals into opening an infected email attachment, clicking on a malicious link, or giving up sensitive information, such as usernames and passwords or bank information.
These attacks may manifest as phishing emails, phone calls, or text messages, aiming to exploit individuals through manipulation.
User account credentials are valuable targets for cybercriminals because they can be used to access personal and organizational networks. Email-based phishing attacks have become the most common way for attackers to obtain user credentials.
Leveraging AI
While noting that the use of AI has now phishing to be more sophisticated, NITDA in the advisory stated:
- “Lately, these bad actors have taken things up a notch by leveraging Al to improve the sophistication of their attack approaches. This involves using Al to conduct thorough research on potential victims and creating personalized messages to effectively deceive them into divulging sensitive information. This advanced approach shows how phishing attacks are getting more sophisticated and finding new ways to catch people off guard.”
Preventive measures
Highlighting some measures to safeguard individuals and organizations against attacks, NITDA advised Nigerians to be careful about the emails they open and the links they click on.
According to the Agency, Nigerians should also endeavour not to enter their personal information on any website that they do not trust.
NITDA also advised organizations and individuals to engage in continuous education and remain abreast of potential phishing threats. It urged Nigerians to report any suspected incidents to relevant authorities in the country.
Phishing attacks are on the rise
A recent report from Vade Secure revealed that phishing attacks rose by 173% in the third quarter of 2023, while malware threats have increased by 110%.
According to the report, while hackers were busy throughout Q3, they were most active in August, sending more than 207.3 million phishing emails, nearly double the amount from July.
September was the second most active month for phishing (172.6 million emails), followed by July (113.4 million emails). Vade noted that Facebook and Microsoft remained the most commonly impersonated brands in Q3 2023.
- “Trends come and go, but Facebook and Microsoft have proven to be perennial favourites among hackers. Both brands have been the #1 or #2 most impersonated since 2020,” the researchers wrote.