Please Verify You Are Human: AI-Assisted Phishing

August 26, 2024
It’s no secret that artificial intelligence (AI) has been the talk of the town for the last couple of years. With tech giants like Google and Microsoft investing heavily in their applications, it seems this new technology is here to stay. From students outsourcing their assignments to ChatGPT, to businesses generating marketing material featuring employees with a few too many fingers, AI can be a powerful tool to increase the user’s productivity.
internet_safety_shutterstock_2247888569_compressed

However, as with any new technology, there will always be those that will utilize it for more harm than good. Just as the mass adoption of email and daily Internet browsing opened the floodgates for new and improved fraud attempts, malicious actors have adopted this technology to enhance their operations with several concerning methods.

Phishing emails, once easily identified by their awkward language and generic messages, can now be crafted by AI to closely imitate legitimate communication styles, making them far more convincing and difficult to detect. Voice cloning technology, powered by AI, allows attackers to replicate the voice of an individual with alarming accuracy, facilitating voice phishing (vishing) schemes that prey on individuals’ trust. Additionally, “deepfake” technology enables the creation of highly realistic video or audio content, which can be used to deceive targets by presenting convincing but false evidence. Together, these AI-driven techniques represent a significant escalation in the complexity and effectiveness of phishing attacks, posing a threat to both individuals and organizations.

Fortunately, no matter how advanced these fraud attempts may get, the principles of security awareness will not fail you:

Verify the sender

Is the email sender who they say they are? Look carefully at the sender’s full email address for red flags. If your coworker John Doe’s email is john.doe@company.com, be wary of jdoe@company.com or john.doe@compani.com.
 

Think before you click

Even if a link or attachment is coming from a trusted source, always check the details before clicking. Is the SharePoint link your coworker sent you actually taking you to SharePoint? Is that Word file attached to the emails actually a Word document?
 

Be skeptical

Ask yourself questions when you find the situation is even slightly abnormal. Would your manager urgently call or email you when you normally communicate via Teams or Slack? With the introduction of voice cloning technology, it’s important to think rationally, even if you hear the voice of an angry boss or a distraught relative. If there is any doubt of the caller or sender’s identity, it is recommended to end communication and directly call or email the supposed sender to get confirmation.

Keeping up with new technology is a never-ending race. Luckily, staying ahead of this emerging threat is as simple as reinforcing the basics.  If you’d like to read more on voice cloning fraud, McAfee Labs conducted a study on the subject: https://www.mcafee.com/blogs/privacy-identity-protection/artificial-imposters-cybercriminals-turn-to-ai-voice-cloning-for-a-new-breed-of-sc​am/.

Authored by: Reed Buettner, Security

Back to blogs

About the Company

Founded in 1871, BCT - Bank of Charles Town, also known as The Community's Bank, is a wholly owned subsidiary of Potomac Bancshares, Inc. (OTC:PTBS). With approximately $871 million in assets as of September 30, 2024, the Company conducts operations through its main office, an additional eight branch offices, and two loan production offices.  BCT’s offices are located in Jefferson and Berkeley Counties (WV), Washington County (MD), and Loudoun and Stafford Counties (VA). The Bank provides various banking products and services including free access to over 55,000 ATMs through the Allpoint® network plus  another approximately 675 free access ATMs through another partnership.  The Bank provides convenient online and mobile banking for individuals, businesses, and local governments. The Bank also offers commercial lines and term loans, residential and commercial construction loans, commercial real estate loans, agricultural loans, and government contractor loans.  The Bank is also a Small Business Administration (SBA) Preferred Lender.  The Residential Lending division offers secondary market and portfolio mortgage loans, one-time close construction to perm loans, as well as home equity loans and lines of credit.  For over 70 years, BCT Wealth Advisors has provided trust services, growing into a premier financial management, investments, and estate services provider.  BCT was voted Winner in the LoudounNow 2024 Loudoun’s Favorites readers’ poll in four categories:  Bank, Mortgage Company, Banker, and Financial Planner.  Additionally, BCT was voted a “Best of the Best” winner in the 2024 Journal-News Readers’ Choice Awards in four categories:  Bank, Financial Planning, and Loan Services. In 2023, American Banker selected BCT as a “Top 200 Community Bank,” an annual listing of the best performing banks in the United States with assets under $2 billion.    In 2023, 2021, 2020, and 2019 the Bank was named a “Best Bank To Work For” by American Banker.

The Company's shares are quoted on the OTC Pink Sheet marketplace under the symbol "PTBS." For more information about Potomac Bancshares, Inc., and the Bank, please visit our website at www.mybct.bank.