--- title: "AI Fraud Advancement, Microsoft Leads Phishing, HR Phishing Trends – Cybersecurity News [24 July 2023] | Phish Protection" description: "AI Fraud Advancement, Microsoft Leads Phishing, HR Phishing Trends – Cybersecurity News [24 July 2023]: emailsecurity · AI Fraud, Microsoft Phishing." image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-30-of-2023.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-30-of-2023/" --- Quick Answer emailsecurity · \[AI Fraud, Microsoft Phishing, HR Trends, Cybersecurity News \[24 July 2023\]\](https://soundcloud.com/phishprotection/ai-fraud-microsoft-phishing-hr-trends-cybersecurity-news-24-july-2023) Stay informed and secure with this comprehensive Weekly Cybersecurity News, bringing you the latest insights and updates to enhance your phishing protection. Malicious actors have introduced a new AI tool, FraudGPT, following the footsteps of WormGPT , to aid in offensive activities such as crafting spear. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-30-of-2023%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=AI%20Fraud%20Advancement%2C%20Microsoft%20Leads%20Phishing%2C%20HR%20Phishing%20Trends%20%26%238211%3B%20Cybersecurity%20News%20%5B24%20July%202023%5D&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-30-of-2023%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-30-of-2023%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-30-of-2023%2F&title=AI%20Fraud%20Advancement%2C%20Microsoft%20Leads%20Phishing%2C%20HR%20Phishing%20Trends%20%26%238211%3B%20Cybersecurity%20News%20%5B24%20July%202023%5D "Share on Reddit") [ ](mailto:?subject=AI%20Fraud%20Advancement%2C%20Microsoft%20Leads%20Phishing%2C%20HR%20Phishing%20Trends%20%26%238211%3B%20Cybersecurity%20News%20%5B24%20July%202023%5D&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-30-of-2023%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2023/08/what-is-a-zero-day-attack-1019.jpg) [emailsecurity](https://soundcloud.com/phishprotection) · [AI Fraud, Microsoft Phishing, HR Trends, Cybersecurity News \[24 July 2023\]](https://soundcloud.com/phishprotection/ai-fraud-microsoft-phishing-hr-trends-cybersecurity-news-24-july-2023) Stay informed and secure with this comprehensive Weekly [Cybersecurity](/content/cybersecurity-in-a-nutshell) News, bringing you the latest insights and updates to enhance your [phishing protection](/). ### \*\*\*\* Advanced AI Fraud Tool Released for Sophisticated Attacks Malicious actors have introduced a new AI tool, FraudGPT, following the footsteps of[WormGPT](https://thehackernews.com/2023/07/wormgpt-new-ai-tool-allows.html), to aid in offensive activities such as crafting spear phishing emails and creating **malicious tools**. The[Fake ChatGPT scam](https://blog.checkpoint.com/security/facebook-flooded-with-fake-ads-for-chatgpt-google-bard-and-other-ai-services-tricking-users-into-downloading-malware/)has been advertised on dark web marketplaces and Telegram channels, with a monthly subscription cost of $200 . It boasts various capabilities, including writing malicious code, creating undetectable malware, and identifying vulnerabilities. _Over 3,000 confirmed sales and reviews have been reported, but the LLM (Large Language Model) used for its development remains **unknown**_. This emergence of AI-based malicious digital tools poses a significant threat, facilitating phishing and business email compromise attacks at scale, potentially leading to data theft and unauthorized wire payments. Organizations must adopt [in-depth defense strategies](/phishing/how-to-achieve-the-best-phishing-protection) and leverage security for **fast analytics** to counter such fake ChatGPT scams . ![What is a zero day attack](https://media.mailhop.org/phishprotection/images/2023/08/what-is-a-zero-day-attack-1019.jpg) ### Microsoft Tops Phishing Scam List in Q2 2023 > “Microsoft’s built-in phishing protection in Office 365 catches the obvious attacks, but it consistently misses targeted spear phishing and zero-day threats. We see this every day - customers come to us after an incident that Microsoft Defender didn’t catch. Adding a dedicated anti-phishing layer takes five minutes and closes that gap.” - **Adam Lundrigan**, CTO, DuoCircle In Q2 2023, leading tech organization Microsoft topped the list of **most targeted brands** for phishing scams , as[reported](https://www.checkpoint.com/press-releases/microsoft-dominates-as-the-most-impersonated-brand-for-phishing-scams-in-q2-2023/)by Check Point Research in their latest Brand Phishing Report. Notably, the top three spots were occupied by technology giants, with Google and Apple closely following Microsoft. The **technology sector** experienced the highest number of impersonations, with banking and social media networks being heavily targeted by threat actors. For instance, Wells Fargo secured the fourth position due to malicious emails requesting **sensitive account information**. Prominent brands like Walmart and LinkedIn were among the top ten [impersonated entities](https://www.globenewswire.com/en/news-release/2023/01/23/2593454/0/en/Yahoo-Most-Impersonated-Brand-in-Q4-2022-Phishing-Attacks.html). Omer Dembinsky, the Data Group Manager at Check Point Software, highlighted the unchanging tactics employed by malicious actors in flooding inboxes with deceptive emails. He urged individuals to stay vigilant and **be cautious of suspicious emails** that may lead to phishing attacks . Phishing campaigns imitate the official websites of well-known brands, tricking users with **similar domain names** and web page designs. The phishing news emphasizes the need for individuals and organizations to adopt proactive measures to safeguard against [brand phishing attempts](https://www.cxotoday.com/news-analysis/phishing-2023-brands-imitated-the-most/). ### \*\*\*\* HR-Related Email Subjects Increasingly Used as per KnowBe4 Phishing Test Findings KnowBe4’s Q2 2023 phishing[report](https://www.knowbe4.com/press/knowbe4s-annual-phishing-benchmarking-report-finds-untrained-users-are-biggest-flaw-in-organizations-cyber-defense-layer)reveals a concerning trend: HR-related email subjects account for 50% of the **top-clicked phishing** attempts. Threat actors exploit **users’ emotions** to trick them into clicking malicious links or attachments, causing distress or excitement. As per the phishing test results , holiday-related subjects were also used as bait, with HR-themed incentives referencing national holidays like the 4 th of July. These tactics aim to exploit employee trust and prompt **hasty actions** that can lead to disastrous outcomes for organizations. Stu Sjouwerman, CEO of KnowBe4, emphasizes the need for new-school [security awareness training](/content/phishing-awareness-training/security-awareness-training) to combat these sophisticated phishing tactics, as an **educated workforce** is the best defense against cyber attacks. With Kevin Mitnick, KnowBe4’s Chief Hacking Officer, contributing his expertise in designing the training, the platform remains vital in fostering and maintaining an organization’s **strong security culture**. ![What is a zero day attack](https://media.mailhop.org/phishprotection/images/2023/08/what-is-a-zero-day-attack-1020.jpg) ### \*\*\*\* Social Media Platform Faces Influx of Deceptive AI Services, Posing Malware Risks Threat actors use Facebook to impersonate well-known **generative AI brands** like [ChatGPT](/phishing-awareness/the-power-of-chatgpt-how-chatgpt-is-changing-the-phishing-game), Google Bard, Midjourney, and Jasper. Unsuspecting users are being lured into downloading content from these fake pages and ads, unwittingly exposing themselves to malware. The[malware](https://blog.checkpoint.com/security/facebook-flooded-with-fake-ads-for-chatgpt-google-bard-and-other-ai-services-tricking-users-into-downloading-malware/)is designed with the capability to steal passwords, crypto wallets, and browser data. The fraudulent pages attract users by offering new services and **enhanced versions of AI** applications. [Fake posts](https://indianexpress.com/article/cities/pune/investment-fraud-pune-doctor-prey-fake-post-it-leader-loses-rs-20-lakh-8579411/) and groups gain traction as users like, comment on, and share the content, **propagating the scam** further. The threat actors behind these scams create pages with numerous followers, comments, and likes to pretend to be authentic . These incidents reveal a growing trend of using AI-based solutions to propagate info stealers. To identify phishing attacks , individuals should **verify sender email addresses**, scrutinize website domains for misspellings, avoid downloading software [from untrusted sources](https://sg.news.yahoo.com/singapore-authorities-malware-risk-apps-untrusted-sources-040443252.html?guccounter=1&guce%5Freferrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce%5Freferrer%5Fsig=AQAAAJkfoQ1N41gdVVINYls7QmSUEUoiZUShQc84YrwnhzXDa%5F6n1FlYrNd9mgcETf7w7NlNcWi26JNSgclF1JSaFLXFmjPpvySZlN-ZNBZjMeoi05AgxAPP2uMGbzMUyBcZZAabXRA%5F%5F5j0JB3wxksmtirJOxCV3nAqiohmdbDlKsBZ), and verify links before clicking. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"AI Fraud Advancement, Microsoft Leads Phishing, HR Phishing Trends – Cybersecurity News [24 July 2023]","description":"AI Fraud Advancement, Microsoft Leads Phishing, HR Phishing Trends – Cybersecurity News [24 July 2023]: emailsecurity · AI Fraud, Microsoft Phishing.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-30-of-2023/","datePublished":"2023-08-02T10:38:28.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2023-08-02T10:38:28.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-30-of-2023/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":704,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2023/08/what-is-a-zero-day-attack-1019.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"AI Fraud Advancement, Microsoft Leads Phishing, HR Phishing Trends – Cybersecurity News [24 July 2023]","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-30-of-2023/"}]} ```