THE article discusses how threat actors exploit the recent AI hype in social engineering tactics, particularly by impersonating well-known AI brands like ChatGPT and Claude, to facilitate phishing attacks, malware distribution, and credential theft. Microsoft Threat Intelligence has documented numerous campaigns employing AI-themed lures, warning organizations to bolster their security measures, including multi-factor authentication and automatic attack disruption.
Specific phishing campaigns are highlighted, such as a ChatGPT-themed bait targeting credit card information and a Claude-themed campaign aimed at harvesting user credentials through deceptive account notifications. The article also covers malvertising activities tied to AI terms leading to malware infections and emphasizes the importance of advanced detection and security protocols to counter these evolving threats.