AS AI gains prominence, cybercriminals are leveraging AI-related themes for social engineering attacks. A report from Microsoft highlights a rise in phishing and malvertising tactics that exploit popular platforms like ChatGPT and Claude to trick users into compromising their credentials or downloading malware. Phishing campaigns have targeted users with fake payment notifications and misleading account policy violations, leading to credential theft through malicious links.
Malvertising campaigns have also emerged, promoting fake software that distributes infostealers, such as Vidar, by using deceptive ads on streaming sites. Additionally, bogus GitHub repositories have been set up to target developers seeking legitimate AI tools. Organizations are urged to adopt stronger authentication measures and educate users on the risks of downloading unverified AI applications.