IT Security Trends that Accelerated in 2024

There are a number of trends that impact IT security that accelerated through 2024 and are

promising to grow as threats in 2025.

Some of these trends are enabled or accelerated by emerging technologies like widespread AI

and others are so old that their recent uptick is surprising.

 

AI-enabled Scams/Social Engineering

The rise of AI-enabled scams and fraud is predictable, in many cases just creating a more

believable layer to classic romance or kidnapping scams through AI voice mimicking.

The real concern for organizations is that AI deepfakes are leading to more effective social

engineering tactics.

There has been a noted uptick in more sophisticated Business Email Compromise (BEC)

scams and AI-generated voice clones pose an increasing threat for compromise through the

phones. Training and protocols that account for these enhanced threats will be key to

mitigating their impacts. BEC remains a key threat vector and these new tactics will only

increase the risks posed to an organization.

 

Synthetic ID Fraud

Synthetic ID fraud has been an increasing problem for a number of years, and the trend shows

no sign of slowing down.

This increase has created a durable two-sided market. Scammers are targeting large

organizations looking to steal personally identifiable information and then selling that

information to others who create synthetic identities to perpetuate fraud.

The kicker is in many cases large, data-rich organizations are on the receiving end of both

threats as they are targeted for the information they have and have to deal with the various

frauds criminals are attempting.

 

Payment Fraud

Payment fraud is increasing along two fronts, one is using synthetic IDs to steal or divert

legitimate payments and is becoming increasingly technically sophisticated. The other is old-

fashioned check fraud, in many cases simply from stealing mail and washing checks.

As the threat landscape continues to evolve it’s important to keep abreast of the changes

happening so that your training and procedures are effective. One of the most effective things

an organization can do to counter these threats is to simply have verification protocols.

Knowing that someone is who they say they are, both internally and externally, can go a long

way toward mitigating risks.

 

If you have questions about the evolving IT security threat landscape and how it affects your

organization, call ITPAC today.