Scammers are becoming more sophisticated in their approach by sending out increasingly advanced phishing emails. A technology security group has raised the alarm to the ABC7 I-Team regarding this new issue.
The new, more enhanced phishing attempts could look exactly like the login page of an email when the link is clicked.
Security experts say they are so convincing that even well-trained users and experts can be vulnerable.
ABC7 Chicago is now streaming 24/7. Click here to watch
During a recent 30-day timeframe, Check Point Research identified 200,000 of these new phishing emails capable of deceiving users and bypassing their computer’s security measures, primarily within the U.S.
Jeremy Fuchs from Check Point Software explained, “What scammers are doing is manipulating the URL to make a malicious site appear legitimate. This way, when you click on it, you are unaware that the site is malicious, and even your security systems may not detect it. As a result, you are directed to a site that seems harmless but is, in reality, harmful.”
If the link is clicked, hackers can install malware onto devices and even hold it hostage, or they try to get users to give up personal login information. The new phishing links can look like landing pages to email accounts, an important “document” to review or a request for signatures.
“If there’s ever any suspicion… obviously report it… whether it’s your IT team or to, you know, Gmail or Microsoft,” Fuchs said. “And it’s tricky, because the idea is to make it look legitimate, and so we always sort of unfortunately have to have our guards up.”
South suburban Romeoville resident Mark Geary said he’s avoided several phishing attempts. One asked him to click on a link to get an auto insurance “refund,” which he knew wasn’t real because he wasn’t supposed to be getting any refund and the email wasn’t even from the same company he is under.
“I called my insurance agent as soon as I got it, and he said it was a scam, so don’t click on it,” Geary said. “And they can literally wipe out so many savings accounts. It’s pretty dangerous, actually.
What can be done to stop enhanced phishing?
All software, including email systems and web browsers, should be kept up to date with the latest security patches. This will prevent cyber criminals from exploiting vulnerabilities through which phishing attacks can be executed.
“Advanced email security solutions” like spam filtering, anti-phishing and malware detection can also be implemented. This will detect and block the most sophisticated of phishing attempts.
Email users should also consider updating “redirection rules.” This is a set of instructions that dictates how the server should handle certain requests or messages.
It may seem like a long list, but it may be worth it. Experts say AI is making it easier for criminals to code and enhance the phishing links.
“It is now significantly easier, much more efficient and cost effective,” Fuchs said. “And you don’t need as much technical knowledge as you might have. Now, you know, with a few simple prompts… and that’s what’s accelerating this.”
The best rule to remember is to not click on any link in an inbox unless something specific is expected. Even if it looks like it is coming from a coworker or employer, people should reach out to that person directly to make sure they sent it.
Geary said he reported his phishing emails to the Better Business Bureau. People can also report them to the Federal Trade Commission, or if money is lost, it can be reported to the FBI.
Resources
Better Business Bureau: https://www.bbb.org/all/spot-a-scam#::text=Report%20a%20Scam,at%20BBB.org%2Fscamtracker.
Federal Trade Commission: https://reportfraud.ftc.gov/
FBI Internet Crime Complaint Center: https://www.ic3.gov/
Copyright © 2025 WLS-TV. All Rights Reserved.
