About Iris

Social Engineering in the Age of AI

Written by Abigail Moyal | Feb 26, 2024 7:00:22 PM

A hot topic that's gaining momentum is the concept of “social engineering in the age of AI.”

Here's a simple breakdown: Social engineering, in the realm of security, is essentially a mind game. Unlike traditional hacking, which breaks into systems digitally, social engineering plays on human psychology to gain unauthorized access to information, systems, or even buildings. Imagine a scam artist who convinces you to hand over your bank details by masquerading as a bank official. Now, enter the age of AI—our current era where artificial intelligence is becoming increasingly integral to our society and promises to play an even bigger role in the future. When we combine social engineering with AI, and we're talking about the evolution of these classic deception techniques into something far more advanced, thanks to AI. This new age brings about highly personalized, automated, and complex scams that are tougher to spot and stop.

So what does this look like in a real application? Here's how these cyber threats look in real-world scenarios for 2024:

         - Phishing attacks: Phishing is a cyber scam that tricks people into sharing personal information by pretending to be a trustworthy source. It's like a digital con artist fishing for your details with a baited hook.
         - Quid-pro-quo: translated as something for something. In a quid-pro-quo attack, the scammer offers a fake "helpful" service, like technical support, in return for your private information. It's a trade-off where you think you're getting help, but instead, you're giving away access to secure data.
         - Deepfakes: Deepfakes are created using AI and deep learning technologies to produce very convincing fake videos and audio recordings. These fakes are often good enough to make it look and sound like real people, such as celebrities or business leaders, are saying or doing things they never actually did. This technology can be misused to trick people into believing false information, causing them to make harmful decisions or leak private information.
         - Spoofing: Spoofing is when hackers fake data to trick people into thinking it's real. These attacks prey on weak spots and the absence of strict checks, leading victims to unintentionally reveal private details, allow access where it shouldn't be, or create chaos by taking advantage of communication flaws.
         - Automated social media manipulation: This employs AI to control numerous fake accounts for spreading misinformation and influencing public opinion on a vast scale.
        - Account Takeover: This occurs when someone breaks into another's online account without permission. They might guess easy passwords, trick the person, or use security gaps to get in. Once inside, they can steal personal info, pretend to be the person to commit crimes and cause financial and reputation damage.

The digital age's landscape is constantly morphing, especially with AI's role in social engineering painting a complex picture of cybersecurity. From phishing to deepfakes, each tactic we've unraveled today marks a critical reminder: staying safe online is an ever-evolving challenge. As we step further into 2024, let's keep our wits about us, question what seems too good to be true, and champion the cause of digital literacy. After all, in the vast sea of the internet, being aware and prepared is your anchor against the tides of deception. Stay sharp, stay secure, and let's navigate these waters together with caution and confidence.


Sources
Arıcıoğlu, Beyza. “Social Engineering Statistics to Know in 2024: Resmo.” RSS, 31 Oct. 2023, www.resmo.com/blog/social-  engineering-statistics. 

Cyware Hacker News. “Things You Need to Know about Social Media Manipulation: Cyware Hacker News.” Cyware Labs, Cyware, 1 Oct. 2019, cyware.com/news/things-you-need-to-know-about-social-media-manipulation-a97083a8. 

Kaspersky. “What Is Social Engineering?” Usa.Kaspersky.Com, 1 Nov. 2023, usa.kaspersky.com/resource-center/definitions/what-is-social-engineering. 

Mixmode. “What Are Ai Generated Attacks?” MixMode, 2023, mixmode.ai/what-is/ai-generated-attacks/. 

Philmlee, Don. “Practice Innovations: Seeing Is No Longer Believing - the Rise of Deepfakes.” Thomson Reuters Institute, 18 July 2023, www.thomsonreuters.com/en-us/posts/technology/practice-innovations-deepfakes/.