AI Supercharges Scams

Cybercriminals are accelerating their attacks in ways that weren't possible a few years ago. Artificial intelligence is giving them the ability to spin up phishing campaigns, voice clones, and deepfakes in minutes instead of days. As a result, the gap between what's genuine and what's fake is closing fast, making it harder for both individuals and organizations to defend themselves.

I'm thrilled to welcome Brett Winterford, Vice President of Okta Threat Intelligence. Brett has had a front row seat to these changes. His team analyzes identity-based attacks and delivers insights to help organizations adapt their defenses. Brett previously served as Okta's Regional CISO for Asia-Pacific and Japan and started his career as a journalist covering information security before moving into leadership roles in banking, government, and technology.

In this episode, Brett explains how AI is reshaping the speed and scale of cybercrime, why trusted platforms like email, SMS, and collaboration tools are being targeted, and what practical steps can reduce risk. He highlights the growing importance of phishing-resistant authentication methods like passkeys, the need for clearer communication between service providers and users, and the role of collaboration across industries and law enforcement in pushing back against attackers.

Show Notes:

• [00:00] Brett Winterford introduces himself as Vice President of Okta Threat Intelligence and explains how identity-based threats are monitored.
• [02:00] He shares his career path from cybersecurity journalist to CISO roles and now to leading threat intelligence.
• [05:48] Brett compares phishing campaigns of a decade ago with today's AI-driven ability to launch attacks in minutes.
• [08:00] He notes how reconnaissance and lure creation have become easier with artificial intelligence.
• [10:40] Brett describes the shift from banking malware to generic infostealers that sell stolen credentials.
• [12:30] He explains how cryptocurrency changed the targeting of attacks by offering higher payouts.
• [14:21] We learn about the Poison Seed campaign that used compromised bulk email accounts to spread phishing.
• [15:26] Brett highlights the rise of SMS and other trusted communication channels as phishing delivery methods.
• [16:04] He explains how attackers exploit platforms like Microsoft Teams and Slack to bypass traditional defenses.
• [18:30] Brett details a Slack-based campaign where attackers impersonated a CEO and smuggled phishing links.
• [22:41] He warns that generative AI has erased many of the old "red flags" that once signaled a scam.
• [23:01] Brett advises consumers to focus on top-level domains, official apps, and intent of requests to detect phishing.
• [26:06] He stresses why organizations should adopt passkeys, even though adoption can be challenging.
• [27:22] Brett points out that passkeys offer faster, more secure logins compared to traditional passwords.
• [28:31] He explains how attackers increasingly rely on SMS, WhatsApp, and social platforms instead of email.
• [31:00] Brett discusses voice cloning scams targeting both individuals and corporate staff.
• [32:30] He warns about deepfake video being used in fraud schemes, including North Korean IT worker scams.
• [34:59] Brett explains why traditional media-specific red flags are less useful and critical thinking is essential.
• [37:15] He emphasizes the need for service providers to create trusted communication channels for verification.
• [39:29] Brett talks about the difficulty of convincing users to reset credentials during real incidents.
• [41:00] He reflects on how attackers adapt quickly and why organizations must raise the cost of attacks.
• [44:18] Brett highlights the importance of cross-industry collaboration with groups like Interpol and Europol.
• [45:24] He directs listeners to Okta's newsroom for resources on threat intelligence and recent campaigns.
• [47:00] Brett advises consumers to experiment with passkeys and use official apps to reduce risk.
• [48:00] He closes by stressing the importance of having a trusted, in-app channel for security communications.

Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.

Links and Resources:

• Podcast Web Page
• Facebook Page
• whatismyipaddress.com
• Easy Prey on Instagram
• Easy Prey on Twitter
• Easy Prey on LinkedIn
• Easy Prey on YouTube
• Easy Prey on Pinterest
• Brett Winterford - LinkedIn
• Brett Winterford - Okta