From infosecisland.com
Social engineering and artificial intelligence (AI) are bringing about a new golden age of hacking for criminals. They are capitalizing on common online habits of everyday people to tempt them to click on or install harmful applications – in the guise of browser extensions, clickbait and more – each specifically targeted to the individual user’s online habits using AI.
Most breaches occur when employees make common, seemingly harmless mistakes. Now, this goes beyond forgetting to install updates or using overly simple passwords. In fact, due in part to the rise of social engineering, employee mistakes account for the vast majority of breaches. Hackers are catching on fast, capitalizing on human nature and using AI and social engineering to target unsuspecting employees. Clickbait isn’t just about articles and pageviews – it’s about getting a backdoor into your network through unsuspecting employees.
These increasingly sophisticated attacks might look like a harmless browser extension or an article in a social media feed. Employees will likely assume they are legitimate (haven’t we all downloaded a music app or other favorite tool?). Unfortunately, behind these many commonly installed applications, lurks a more sinister motive: a hidden phishing device.