Draft:AIshing

Submission declined on 2 October 2024 by KylieTastic (talk). This submission is not adequately supported by reliable sources. Reliable sources are required so that information can be verified. If you need help with referencing, please see Referencing for beginners and Citing sources. This draft's references do not show that the subject qualifies for a Wikipedia article. In summary, the draft needs multiple published sources that are: in-depth (not just passing mentions about the subject) reliable secondary independent of the subject Make sure you add references that meet these criteria before resubmitting. Learn about mistakes to avoid when addressing this issue. If no additional references exist, the subject is not suitable for Wikipedia. If you would like to continue working on the submission, click on the "Edit" tab at the top of the window. If you have not resolved the issues listed above, your draft will be declined again and potentially deleted. If you need extra help, please ask us a question at the AfC Help Desk or get live help from experienced editors. Please do not remove reviewer comments or this notice until the submission is accepted. Where to get help If you need help editing or submitting your draft, please ask us a question at the AfC Help Desk or get live help from experienced editors. These venues are only for help with editing and the submission process, not to get reviews. If you need feedback on your draft, or if the review is taking a lot of time, you can try asking for help on the talk page of a relevant WikiProject. Some WikiProjects are more active than others so a speedy reply is not guaranteed. How to improve a draft Wikipedia:Contributing to Wikipedia – a basic overview on how to edit Wikipedia. Help:Wikitext – how to use the markup Help:Referencing for beginners – how to include references Wikipedia:Article development – how to develop your article Wikipedia:Writing better articles – how to improve your article Wikipedia:Verifiability – make sure your article includes reliable third-party sources You can also browse Wikipedia:Featured articles and Wikipedia:Good articles to find examples of Wikipedia's best writing on topics similar to your proposed article. Improving your odds of a speedy review To improve your odds of a faster review, tag your draft with relevant WikiProject tags using the button below. This will let reviewers know a new draft has been submitted in their area of interest. For instance, if you wrote about a female astronomer, you would want to add the Biography, Astronomy, and Women scientists tags. Add tags to your draft Editor resources Easy tools: Citation bot (help) | Advanced: Fix bare URLs Declined by KylieTastic 33 days ago. Last edited by KylieTastic 33 days ago. Reviewer: Inform author. Resubmit Please note that if the issues are not fixed, the draft will be declined again.

AISHING: Phishing attacks targeting AI systems.

AIshing (pronounced "eye-shing") is a cybersecurity term coined by Ali Osman Elmi, a Certified Information Security Manager working at Saudi Telecom Company. It refers to AI-powered phishing attacks, where artificial intelligence (AI) is used to craft and execute sophisticated phishing schemes. These attacks leverage AI's ability to analyze data, generate highly personalized and convincing messages, and automate the process of deceiving individuals or organizations to extract sensitive information, such as login credentials, financial data, or personal information.

Etymology

The term AIshing was coined by Ali Osman Elmi to represent the next generation of phishing attacks, where AI plays a crucial role. The pronunciation "eye-shing" highlights the use of artificial intelligence in the process, with the "-shing" suffix maintaining the metaphor of "fishing" for sensitive data, a concept integral to traditional phishing.

Background

Phishing has been one of the most common cyberattacks for decades, but with the advancement of AI, attackers have developed more sophisticated ways to execute these attacks. AIshing involves the use of machine learning and AI algorithms to create highly customized phishing messages. These algorithms can analyze large datasets, including social media profiles, emails, and other publicly available information, to create messages that are highly personalized and believable, increasing the likelihood that a target will fall for the scam.

How AIshing Works

Data Analysis: AI systems can scan and analyze vast amounts of data related to potential targets, including online behavior, email patterns, and communication styles.

Message Crafting: Based on the collected data, AI generates highly personalized phishing messages, making them appear authentic and tailored to the recipient's interests or activities.

Automation: AIshing attacks can be automated, allowing hackers to target large numbers of individuals or businesses without significant manual effort.

Deepfakes: In some cases, AIshing may use deepfake technology to impersonate trusted individuals through audio, video, or text, further enhancing the credibility of the phishing attempt.

Examples of AIshing

Personalized Emails: AI algorithms can craft phishing emails that seem to come from a recipient’s close contact or a trusted organization, based on prior communications and patterns.

Social Engineering: AIshing can involve AI-powered chatbots that engage with victims in real-time, mimicking human interaction to extract sensitive data.

Deepfake Phishing: AIshing may involve deepfake audio or video calls from a seemingly legitimate source, tricking victims into revealing confidential information.

Defenses Against AIshing

Advanced Email Filtering: Companies and individuals should use AI-powered email filters that can detect unusual patterns or content typical of AIshing attempts.

Multi-Factor Authentication (MFA): Adding multiple layers of verification can help prevent unauthorized access, even if login credentials are compromised.

Employee Training: Regular cybersecurity training on recognizing phishing attempts, especially those using AI, is crucial for mitigating AIshing risks.

AI Countermeasures: Leveraging AI systems to detect and block AI-generated phishing attacks can help reduce the success rate of such attacks.

Impact of AIshing on Cybersecurity

AIshing represents an evolution in cyberattacks, raising concerns about the future of phishing and the overall security of digital environments. As phishing attempts become more sophisticated, traditional detection methods may become less effective. Cybersecurity professionals are increasingly looking toward AI-driven countermeasures to keep up with these evolving threats.

References

Phishing attacks:

National Institute of Standards and Technology. "Phishing." NIST Computer Security Resource Center, https://csrc.nist.gov/glossary/term/phishing

Accessed 2 September 2024.

AI Security Vulnerabilities:

Vincent, James. "Adversarial attacks could trick AI into making dangerous mistakes." The Verge, 22 February 2019,

https://www.theverge.com/2019/2/22/18235138/ai-machine-learning-adversarial-attacks-examples.

Accessed 21 September 2024.

AI and Cybersecurity:

Harwell, Drew. "As AI spreads, so do risks of hacking." The Washington Post, 8 August 2022,

https://www.washingtonpost.com/technology/2022/08/08/ai-security-hacks/

Accessed 12 September 2024.

Adversarial AI Examples:

Goodfellow, Ian, et al. "Explaining and Harnessing Adversarial Examples." International Conference on Learning Representations (ICLR), 2015,

https://arxiv.org/abs/1412.6572.

Accessed 18 September 2024.

AI Safety and Security:

OpenAI. "AI and security: Why protecting AI systems is critical." OpenAI Blog, 14 September 2023, https://openai.com/blog/ai-security/.

Accessed 1 October 2024.