What is Phishing? Does AI Play a Role? (2 minute read time)

Article author
Betty Fleming
  • Updated

Phishing is an attempt to gain access to accounts, personal information, or devices, to infect or steal data. It occurs by luring users to click on a link and directly provide personal information or open a document infected with malware.

Everyone has been told to be careful about clicking on suspicious links in an email. However, phishing happens in almost every way we use technology. You can be phished via text message, on a social media post, or even through a phone call or snail mail.

Phishing usually involves a combination of psychology- creating a need for immediate action- with legitimacy appearing to coming from a trusted source. Phishing attempts can even come from a trusted source if their account have been hacked.

Because of its low cost and barrier of entry,  phishing remains the most common way bad actors try to compromise accounts and organization.  

Through phishing, bad actors and cybercriminals might seek to steal your credit card, bank information, or your personal information, or compromise your account to attack others. On a campaign, they may be looking to use your account to access sensitive or proprietary information. 

AI and Phishing

AI poses new phishing threats that can create more sophisticated and targeted attacks.  AI increases the speed and scale of attacks. Using AI bad actors can create phishing attempts that are:

  • Better crafted and more precise mimicking of communication styles
  • More tailored to the recipient through Increased ability to harvest and ingest data to tailor attacks.
  • Can quickly and in significant volume create hyper personalized targeted attempts. 

People on campaigns and in organizations in politics need to remain aware and vigilent about phisihing attempts

While the techniques used to phish people on campaigns may be the same, the motives for phishing a campaign could be different.

They are looking to harm the campaign by:

  • Gaining account access to steal and expose confidential information and data to expose information embarrassing to the campaign or steal personal information on supporters and voters.
  • Stealing login credentials to compromise social media, the campaign website, and other accounts.
  • Gaining access to email accounts so they can send phishing emails to other people on the that is from a real known and trusted account.
  • Infecting the campaign with ransomware and/or other malware to negatively impact operations or compromise other campaign accounts.
  • Conducting cybercrime-related activities to steal money from the campaign, like the Business Executive Compromise (For more information on the Business Exec. Compromise, see the Rochester Institute of Technology's information page, here). 

Phishing, as it relates to campaigns, can be highly targeted. This is known as spear phishing. Here is an example of a phishing attempt:

Screenshot 2026-02-27 at 6.57.58 AM.png

 

Learn More: How phishing attempts are different for campaigns

How To: Defending Against Phishing

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.