AI Will Increase the Quantity — and Quality — of Phishing Scams

by Fredrik Heiding, Bruce Schneier and Arun Vishwanath

May 30, 2024

jaap-willem/Getty Images

Summary.

Anyone who has worked at a major organization has likely had to do training on how to spot a phishing attack — the deceptive messages that pretend to be from legitimate sources and aim to trick users into giving away personal information or clicking on harmful links. Phishing emails often exploit sensitive timings and play on a sense of urgency, such as urging the user to update a password. But unfortunately for both companies and employees, gen AI tools are rapidly making these emails more advanced, harder to spot, and significantly more dangerous.

Fredrik Heiding is a research fellow in computer science at Harvard John A. Paulson School of Engineering and Applied Sciences and a teaching fellow for the Generative AI for Business Leaders course at the Harvard Business School. He researches how to mitigate AI-enabled cyberattacks via technical innovations, organizational strategies, and national security policies. Fredrik also works with the World Economic Forum’s Cybercrime Center to improve cybersecurity standards of AI-based cyber defense.

Bruce Schneier is an internationally renowned security technologist, called a “security guru’ by the Economist. He is the New York Times best-selling author of 14 books — including A Hacker’s Mind — as well as hundreds of articles, essays, and academic papers. His influential newsletter Crypto-Gram and blog Schneier on Security are read by over 250,000 people. Schneier is a fellow at the Berkman-Klein Center for Internet and Society at Harvard University, a Lecturer in Public Policy at the Harvard Kennedy School, a board member of the Electronic Frontier Foundation and AccessNow, and an advisory board member of EPIC and VerifiedVoting.org. He is the Chief of Security Architecture at Inrupt, Inc.

Arun Vishwanath , PhD, MBA, is a distinguished scholar and practitioner at the forefront of addressing cybersecurity’s “people problem” who has contributed commentary Wired, CNN, and The Washington Post. A former fellow at Harvard University’s Berkman Klein Center, he is the founder of the Cyber Hygiene Academy and serves as a distinguished expert for the NSA’s Science of Security & Privacy directorate. He is the author of the book The Weakest Link, published by MIT Press.

Read more on AI and machine learning or related topics Cybersecurity and digital privacy, Technology and analytics and Generative AI

AI Will Increase the Quantity — and Quality — of Phishing Scams

Summary.

Partner Center