Gli attacchi di phishing alimentati dall'IA sono in crescita: come proteggersi

Notizie
Di Pubblicato

I vecchi avvertimenti non funzionano più, avvertono gli esperti

Illustration of a hooked email hovering over a mobile phone
(Immagine:: Getty Images)
  • • Kaspersky avverte che l'IA è utilizzata per redigere email convincenti, generare deepfake e molto altro
  • • Il numero di clic sui link di phishing cresce trimestre dopo trimestre
  • • Gli utenti sono avvertiti di restare vigili per stare al sicuro dagli attacchi

L'Intelligenza Artificiale Generativa (GenAI) sta rendendo gli attacchi di phishing più intelligenti, più difficili da rilevare e più diffusi, secondo una nuova ricerca di Kaspersky.

I suoi risultati affermano che nel secondo trimestre 2025, i suoi prodotti hanno rilevato e bloccato più di 142 milioni di clic su link di phishing, rappresentando un aumento del 3,3% rispetto al primo trimestre.

Se da un lato potrebbe significare che c'erano più attacchi di phishing durante l'estate, dall'altro potrebbe anche significare che il volume è rimasto lo stesso - ma gli attacchi effettivi sono diventati più convincenti.

Official IdentityForce® | Identity Theft Protection - save up to 68% annually

Official IdentityForce® | Identity Theft Protection - save up to 68% annually

<p>Many people don’t know how to protect their ID. Get your ID Action Plan here. Get a personalized step-by-step Action Plan & ID Safety Score based on YOUR dark web hits.
Vedi offerta

Generating deepfakes

“AI has elevated phishing into a highly personalized threat. Large language models enable attackers to craft convincing emails, messages and websites that mimic legitimate sources, eliminating grammatical errors that once exposed scams,” the researchers said.

“AI-driven bots on social media and messaging apps impersonate real users, engaging victims in prolonged conversations to build trust. These bots often fuel romantic or investment scams, luring victims into fake opportunities with AI-generated audio messages or deepfake videos.”

The researchers also said that GenAI isn’t just being used to eliminate spelling and grammar errors - arguably the biggest red flags in phishing emails.

It is also used to create realistic audio and video deepfake impersonations of trusted individuals, including colleagues, celebrities, and bank officials.

These deepfakes are then used to promote fake giveaways, or steal sensitive information such as multi-factor authentication (MFA) codes, passwords, and similar.

“AI-powered tools analyze public data from social media or corporate websites to launch targeted attacks, such as HR-themed emails or fake calls referencing personal details,” Kaspersky added.

How to stay safe

As the risk of phishing grows, staying vigilant online remains the best way to be safe.

Users should always be skeptical of unsolicited incoming messages, especially those that demand urgent action or threaten with a disaster.

These are, and will continue to be, the biggest red flag in phishing attacks.

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.