"The prospects for phishing in the era of AI could be huge. We've (arguably) moved well beyond requests for money from fake nation state princes, we're now in place where all message formats (emails, audio messages or video messages) can faked. "We are going to have to have multiple trusted channels with those who are close to us. If one channel, email, WhatsApp, Slack, etc. gets an important message, you may need to validate this on another channel."
"We may even pick up the phone and call each other, like it's the 90s," suggested Dr. Dag Flachet, one of the co-founders of Codific, a Barcelona-based software company that focuses on building secure privacy-focused cloud applications for areas such as HR-tech, Ed-Tech and Med-Tech. Flachet is a specialist in organisational psychology and is an active contributor to several OWASP projects, as well as regulatory guidance around the Cyber Resilience Act."
"The months ahead may also see the end of passwords as they become outdated in favour of passkeys that use biometric authentication combined with cryptographic keys linked to a device. Looking at the rise of unsanctioned shadow AI, Flachet stresses the need for data protection. He says that although fighting shadow AI is not going to be easy, firms can educate their employees so that they understand the risk of sharing information or access with AI models or agents."
AI-generated fakes will make email, audio, and video messages increasingly susceptible to phishing and spoofing. Critical messages will require validation across multiple trusted channels, including phone calls for high-risk confirmations. Passwords are likely to be replaced by passkeys that combine biometric authentication with device-bound cryptographic keys. The rise of unsanctioned shadow AI heightens data-protection risks. Organizations should equip teams with security-endorsed tools, consider running models locally where appropriate, and educate employees about the dangers of sharing sensitive information or access with external AI models or agents.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]