The growing sophistication of cyber attacks has gained a new ally: Artificial Intelligence (AI). Cybercriminals are turning to large language models (LLMs) to create large-scale phishing schemes, Kaspersky’s Artificial Intelligence Research Center has revealed. This new strategy allows the automation of previously laborious processes, multiplying the capacity for deception in attacks aimed at users of cryptocurrency wallets and other digital platforms.
Automation and sophistication in cybercrime
The use of LLMs by attackers represents a qualitative leap in their operations. With this technology, it is possible to generate multiple high-quality fraudulent web pages automatically, a task that previously required significant manual intervention.
Vladislav Tushkanov, Director of Kaspersky’s Research Development Group, explains the scale of the problem: “With LLMs, attackers can automate the creation of dozens or even hundreds of phishing and scam web pages with unique, high-quality content. Previously, this required manual effort, but now, through AI, cybercriminals can generate this content automatically.”.
Traces left by AI models
Despite the high quality of the fraudulent pages generated, researchers identified characteristic signs that denounce the use of LLMs. Phrases like “As an AI language model…” or structures like “Although I can’t do exactly what you want, I can try something similar.” appear recurrently in texts created to deceive victims.
Furthermore, cybercriminals are introducing specific elements into the code and content of pages to make it difficult for security systems to detect them. Examples include the use of Unicode characters, diacritical accents, and standardized expressions such as “in the ever-evolving landscape” e “delve”. These details complicate the automatic recognition of fake pages, increasing their effectiveness in carrying out attacks.
Specific cases of fraudulent schemes
Kaspersky identified several phishing pages that imitated well-known platforms such as KuCoin, Gemini, Exodus and Crypto[.]with. One of these fraudulent pages stood out for its use of non-standard characters to obfuscate critical information and deceive unsuspecting users. This level of personalization and detail highlights the transformation of cyber attacks into highly professionalized operations.
Recommendations to mitigate risks
To face this new wave of threats, the importance of adopting preventive measures is reinforced. Among the main recommendations are:
- Carefully check links before clicking;
- Manually enter the website address into the browser instead of following links;
- Use robust security solutions that include safe browsing features.
Users of digital platforms, especially cryptocurrencies, must pay extra attention, as the sector continues to be one of the main targets of cybercriminals.
A future of digital challenges
The use of Artificial Intelligence in cybercrimes, such as phishing, is a reflection of the continuous advancement of technologies, which both enhance positive innovations and increase security challenges. The increasing automation of fraudulent schemes requires an equally sophisticated response, both technologically and educationally, to ensure users are protected in an increasingly complex digital environment.
Also read:
