{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"Daily Security Review","title":"AI-Powered Polymorphic Phishing: The New Era of Social Engineering","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/9f458916\"></iframe>","width":"100%","height":180,"duration":4214,"description":"Cybercrime is entering a new phase—one marked by AI-powered phishing attacks, the weaponization of legitimate remote access tools, and the rise of professionalized underground markets. Recent reports highlight the alarming growth of AI-driven polymorphic phishing, where malicious emails are automatically tailored, randomized, and adapted in real time. By scraping public data and mimicking communication styles, attackers craft hyper-personalized spear phishing messages capable of bypassing blocklists, static signatures, and secure email gateways. Some campaigns even incorporate deepfake voice and video content, making them nearly indistinguishable from legitimate communications. With 82% of recent phishing campaigns showing AI involvement—a 53% surge year-over-year—traditional defenses are quickly losing effectiveness. At the same time, attackers are exploiting legitimate remote monitoring and management (RMM) tools such as ConnectWise ScreenConnect and AnyDesk. These tools, widely used by IT professionals, are increasingly leveraged by ransomware operators for stealthy persistence and lateral movement. Campaigns have deployed ScreenConnect through AI-enhanced phishing lures disguised as Zoom or Teams invites. Vulnerabilities like CVE-2024-1709 (authentication bypass) and CVE-2024-1708 (remote code execution) make these tools even more attractive, enabling attackers to create admin accounts and deploy malware without detection. Because these applications are inherently trusted in enterprise environments, they often evade antivirus, EDR, and firewall defenses. Underpinning these trends is the professionalization of cybercrime, driven by lucrative ransomware profits and the growth of a crime-as-a-service (CaaS) ecosystem. Access brokers, exploit developers, and phishing kit vendors now operate like a global supply chain for cybercrime, lowering barriers to entry for less-skilled attackers. Europol warns that organized crime groups dominate this space, scaling their...","thumbnail_url":"https://img.transistorcdn.com/pL79_MJFeJHamQ_ztImsGmDSMdl27VMk_30TAkieujE/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS8yNzg5/ZjlhNzM5Y2M4Njli/NjkxNzgyODA2Nzhi/MDI2ZC5wbmc.webp","thumbnail_width":300,"thumbnail_height":300}