phishing-scams-feature-image

How To Avoid AI Phishing Email Scams

By / / Leave a Comment / Email, Phishing

Is AI Good Or Bad?

Certainly, in my opinion, AI has been responsible for advancements in numerous fields, enhancing efficiency, creativity, and innovation in:

  • Health Care: Improved diagnostics, AI-assisted prosthetics, diagnosing previously incurable diseases, improved hearing, assisted speech, and potential drug discovery and development
  • Science: Space, Nanoscience, Quantum computing, Genomics, Climate Modeling, and more
  • Entertainment: Content Creation, Visual Effects and Animation, Gaming, and even voice assistants
  • Safety and Security: Surveillance (Facial Recognition) and Monitoring, Gunshot detection, Cybersecurity, and social Media Monitoring

However, nothing, not even AI, is all good. When “bad actors” act before deterrents are in place, they can have terrible consequences. Using AI for the development of Malware is one of the easiest ways for cybercriminals to harm large numbers of individuals via sophisticated scams.

AI-Driven Phishing Attacks

Even without AI, as much as 89% of malware comes from email. The number of emails people get each day makes it easy for spam emails to slip by and compromise their security. A primary target has always been businesses, hospitals, insurance companies, or any organization that relies on the network to operate successfully. This is why ransomware remains a top threat. How can a hospital, once breached, not pay the ransom when lives are at stake?

What Steps Can You Take?

phishing-scams

Identifying AI-driven email scams can be challenging, but they often have some telltale signs, and of course, you should always use best practices when opening any email. Even those you believe are from friends. Speaking from experience with my clients, it appears that nothing I say prevents them from getting spammed. Perhaps it’s their belief that people are going to act as they would, the warnings must be overblown, or the spam is too convincing.

With AI-driven phishing, I worry even more about every computer user’s security.  I want to cover several tips that, if followed, will help prevent you from being a target:

  1. Check the Sender’s Email Address: Look closely at the sender’s email address – scammers often use addresses that look very similar to legitimate ones but will include slight variations or misspellings
  2. Look for Generic Greetings: AI-driven scams may use generic greetings like “Dear Customer” instead of addressing you by name – legitimate companies usually personalize their emails
  3. Examine the Content: Be wary of emails with urgent language, threats, or requests for personal information – scammers often create a sense of urgency to prompt quick action without careful consideration
  4. Check for Spelling and Grammar: While AI has improved the quality of phishing emails, some may still contain subtle spelling or grammatical errors – be cautious if you notice any inconsistencies
  5. Beware Embedded Links: Never click on embedded links. Hovering your mouse over them to see the actual URL will help identify if the link is suspicious or doesn’t match the supposed sender’s website
  6. Verify with Source: If you receive an unsolicited email from a company or organization, contact them directly using a known and trusted method (e.g., their official website or customer service number) to verify the email’s legitimacy
  7. Use Security Software: Keep your antivirus and anti-phishing software up to date – these tools can help detect and block malicious emails
  8. Be Skeptical of Attachments: Avoid opening attachments from unknown or unexpected sources, as they may contain malware
  9. Use Windows Sandbox: Open your suspected email in Windows Sandbox:
    1. First, enable Sandbox: type “Windows Features” in the search bar
    2. Click on “Windows Features Turn On or Off” app: Scroll down to select “Windows Sandbox” from the list
    3. Restart Your Computer: Open the Sandbox app
    4. Open the Edge browser in Sandbox: Access your email server (e.g., Gmail, Yahoo, etc.). Open the suspect email and click on any attachments
    5. Close the Sandbox: Once closed, any malicious virus or malware will be discarded

Summary

If you must open a suspicious email, using the Windows Sandbox is the only safe way to ensure you will not be infected. Without using Windows Sandbox, suspect email is better left alone. Even if sent by a friend you trust, it may still contain malware that they were not aware of when sharing the attachment.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top