V-Help
← All news
Security

How AI Amplifies Attacks on Support Services and How to Defend Against Them

How AI Amplifies Attacks on Support Services and How to Defend Against Them

Photo: BleepingComputer

Quick answer

AI amplifies support desk attacks through phishing, identity spoofing, and threat scaling. Effective defenses include biometric verification and eliminating password sharing.

According to IBM's 2025 report, 16% of data breaches involve AI-powered attacks, including phishing and identity spoofing. Support services are prime targets, as employees—especially during onboarding—may fail to recognize threats.

AI enables attackers to craft more convincing threats, from automated phishing emails to deepfake voice and video calls. This complicates decision-making for IT teams under high-pressure conditions.

Three key threats to support services:

1. Convincing identity spoofing. Attacks on companies like MGM Resorts and Clorox began with requests for account access via support desks. AI helps attackers sound professional, reference relevant departments, and create urgency.

2. Accelerated reconnaissance and personalization. Public data from social media and corporate sites allows AI to gather intelligence on new hires, roles, and internal processes. This makes attacks more plausible and harder to detect.

3. Attack scaling. AI automates the creation of dozens of phishing email variations, adapting to different scenarios. This increases success rates, as support teams may struggle to identify threats promptly.

To mitigate these risks, experts recommend biometric verification, avoiding password sharing via SMS or email, and adopting secure onboarding solutions. These measures reduce human-factor vulnerabilities and strengthen data protection.

Common questions

Which support desk attacks does AI amplify?
AI enhances phishing emails, voice and video call spoofing, and gathers employee data for personalized attacks.
Why are new employees vulnerable?
New hires often lack IT department familiarity, and access procedures may be incomplete. Cybercriminals exploit this for identity spoofing and unauthorized access.
How can support services defend against AI-driven attacks?
Implement biometric verification, avoid password sharing via unsecured channels, and mandate identity checks before sensitive actions.
Share:

Dzen feed: /feed/dzen.xml · RSS: /feed.xml

Why trust this

Prepared by the V-Help editorial team from the primary source with a published date.

Published by: V-Help.ru news desk

Source: BleepingComputer