“The average user should be worried because phishing is being refined with AI”

AI is changing everything, including cybersecurity. The release of Claude Mythos a couple of months ago set off the alarms: AI is now capable of finding dozens of vulnerabilities that have been hidden for years. Fear has become the new resource of AI companies to announce their new models. The question is how this affects us mere mortals.

More sophisticated scams. For Daniel Púa, head of security at Magnificent (formerly Freepik), the impact is clear: “The average user should be worried because phishing is being refined with AI.” At this point “we have all received the typical phishing with spelling mistakes, with use cases from banks that are not ours, which are very easy to identify.” However, with AI we are seeing how scams are becoming more sophisticated and it is going to be increasingly difficult for us to detect them.

“Calls are going to start arriving with the voice of a family member, video calls with the video of a family member and that’s when things are going to get complicated”

Cloned voices. “Calls are going to start arriving with the voice of a family member, video calls with the video of a family member and that’s when things are going to get complicated,” Daniel warns. Although not yet the most common scam attempt, deepfake calls with cloned voices that impersonate a family member in distress They are already a problem, to the point that Google itself knows about it and introduced a feature to prevent this.

Next step: video calls. As Daniel Púa warns, fake video calls impersonating another person are already a reality. At the moment we have known cases that attack companies, such as the employee who transferred 25 million dollars in a video call in which everyone was deepfakes except him, or as a political weaponbut it is a matter of time before this technology begins to be used against ordinary citizens.

From companies to the end user. Púa tells it from within Magnific: “we already have many scam attempts posing as our CEO, on WhatsApp, with audios and everything.” And he anticipates how it will escalate towards the individual user: “once they are established in the companies, which are like the gold mine where they can exploit it more, they will move on to the next one, which is the ordinary user (…) being a much more massive scam, it is no longer a single objective, but there are hundreds of thousands of people and some will get stung.”

How to avoid it. Púa’s advice is as simple as it is necessary: ​​”everyone should have a second method of approval. If a family member comes and asks you for something strange, confirm it in another way. For example, if they called you by phone, then you confirm it on WhatsApp.” Cybersecurity experts recommend taking it a step further and create a family password. Púa agrees: “In case he’s asking you something strange, you say, ‘What’s our secret word?’ And you make sure it’s the right person.”

The speech of fear. AI companies are using cybersecurity fear as a sales argument for their latest models. Daniel Púa does not buy all that talk: “a lot of hype has been given to it. I do believe that it is the next step in this advance that is being seen in AI related to security, but I do not think it is a paradigm shift as many are selling.” He does not believe that Claude Mythos has been as big a leap as they have sold us and illustrates it with a very clear comparison: “if we say that Opus 4.8 could be a knife, Mythos is perhaps a machete. It is a little more dangerous, but they could do the same damage to you with the previous models.”

Be careful with open source. But just because you don’t buy all the talk doesn’t mean that there is no danger, there is a sector in which it is: open source projects. “Almost all the vulnerabilities that Mythos has discovered are in open source programs, with access to the code. That is where I do see a big paradigm shift.” He explains why: “a normal person can take days or weeks and even get lost in that flow and not find the vulnerability. An agent works much better in this because they can follow the entire flow in seconds or minutes.”

Image | Xataka with Magnific

In Xataka | A stranger calls you on your cell phone and hangs up before you can react. The worst thing you can do: call back

Leave your vote

Leave a Comment

GIPHY App Key not set. Please check settings

Log In

Forgot password?

Forgot password?

Enter your account data and we will send you a link to reset your password.

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

Add to Collection

No Collections

Here you'll find all collections you've created before.