Vishing, smishing, and phishing attacks skyrocket 1,265% post-ChatGPT

76% of enterprises lack sufficient voice and messaging fraud protection as AI-powered vishing and smishing skyrocket following the launch of ChatGPT, according to Enea.

Enterprises report significant losses from mobile fraud

61% of enterprises still suffer significant losses to mobile fraud, with smishing (SMS phishing) and vishing (voice phishing) being the most prevalent and costly.

Enterprises account for a significant share of communication service provider (CSP) subscribers and an even greater share of their revenues. They depend on their CSP to protect them from telecom-related fraud, with 85% saying security is important or extremely important for their telecoms buying decisions.

Since the launch of ChatGPT in November 2022, vishing, smishing, and phishing attacks have increased by a staggering 1,265%.

61% of enterprise respondents said their mobile messaging fraud costs were significant, yet more than three-quarters don’t invest in SMS spam or voice scam/fraud protection.

51% said they expect their telecom operator to protect them from voice and mobile messaging fraud, citing their role as more important than that of cloud providers, managed IT providers, systems integrators or direct software vendors.

85% of enterprises say that security is important or extremely important for their telecoms purchasing decisions.

Only 59% of CSPs say they have implemented a messaging firewall, and just 51% said they have implemented a signaling firewall. 46% report adopting some threat intelligence service, essentially leaving a majority blind to new or morphing threats.

CSPs that prioritize security are better positioned to win enterprise business

Security leaders, characterized by better capabilities, better funding, and a higher prioritization of security, are less than half as likely as the followers to have a security breach go undetected or unmitigated (12% vs 25%). CSP security leaders are more likely to see security as an opportunity to generate revenues (31% vs 19%).

“We’ve observed the rapidly evolving threat landscape with growing concern, particularly as AI-powered techniques become more accessible to cybercriminals,” commented John Hughes, SVP and Head of Network Security at Enea.

“The stark increase in mobile fraud, particularly following the advent of advanced technologies like ChatGPT, underscores a critical need for enhanced network security measures. This survey highlights a significant disconnect between enterprise expectations and the current capabilities of many CSPs, and our ongoing mission is to help the sector bridge that gap and safeguard networks and users,” concluded Hughes.

Maintaining and enhancing mobile network security is a never-ending challenge for CSPs. Mobile networks are constantly evolving – and continually being threatened by a range of threat actors who may have different objectives, but all of whom can exploit vulnerabilities and execute breaches that impact millions of subscribers and enterprises and can be highly costly to remediate.

To bridge this gap, CSPs must overcome challenges such as a lack of skilled staff to handle potential security breaches, a lack of budget to invest in adequate security tools, and internal organizational complexity preventing them from prioritising security.