Researchers Found Nearly 600 Incidents of AI Fraud | Security Magazine

Menlo Security’s annual browser security report reveals a significant escalation in browser-based attacks, driven primarily by generative AI technologies. Analysis of over 752,000 phishing attacks shows a 140% increase in browser-based phishing and 130% rise in zero-hour attacks compared to 2023. Microsoft, Facebook, and Netflix emerged as the most impersonated brands, whilst nearly 600 incidents involved fraudulent GenAI platforms exploiting victims through imposter sites. The research indicates cybercriminals now create approximately one million new phishing sites monthly—a 700% increase since 2020—with 51% involving brand impersonation tactics. Notably, 75% of phishing links are hosted on legitimate, trusted websites, creating an average six-day exposure window before detection by traditional security tools. Subdomain-based phishing attacks increased 51%, representing nearly a quarter of all incidents. Cloud service exploitation has intensified, with AWS and Cloudflare accounting for almost half of abused hosting instances. The report highlights browsers’ vulnerability as the primary gateway for both professional and personal activities, enabling attackers to bypass conventional security measures through sophisticated techniques including malicious advertising, business collaboration tool exploitation, and browser vulnerability abuse.​​​​​​​​​​​​​​​​