Every October, the cybersecurity community unites under the central theme of “vigilance”. With the rapid growth of generative AI, this call to action has become more important than ever.

As part of the Cyber Security Awareness Month initiatives, the North-West University’s (NWU’s) IT department recently hosted an online seminar on 9 October. Led by business analyst Thapelo Makile and IT technician Frans Roodt, the seminar explored the digital landscape in which threats are becoming increasingly advanced, personalised and deceptive.

Titled “Recognising evolving AI threats”, the online seminar aimed to equip staff and students with practical, multi-layered strategies to protect their data and that of the institution.

Referencing the Check Point Software Technologies Cyber Security Report, the speakers noted that South African organisations had faced over 1 884 cyberattacks per week during the first quarter of 2025 – a staggering 69% increase from the previous year. South Africa ranked among the top four most targeted countries in Africa in July 2025, emphasising the urgent need to understand AI-powered phishing.

Phishing in a new light: AI-powered deception

The emergence of generative AI means that attackers can now use deepfake audio and video technology to simulate anyone’s voice or create convincing fake videos. This technology enables sophisticated social engineering attacks that can result in fraud and data breaches.

“Attackers cannot clone an organisation’s official link, so it is vital to hover over it to see the actual URL before clicking,” advised Thapelo.

Furthermore, attackers use machine learning to craft highly personalised phishing campaigns. These messages perfectly mimic writing styles and dialects, eliminating the traditional red flags.

“There are no typos, no poor grammar and no obvious signs. So, instead of looking for mistakes, focus on authenticity and context,” said Frans.

Practical defence tips

The experts outlined key defence strategies for the NWU community. They highlighted that the best defence is a culture of verification.

“To protect yourself, always verify unexpected requests through an alternative communication channel,” Frans stated. “If you receive an email, make a phone call. If you receive a phone call, visit in person. Encourage a culture of reporting and discussion. If something feels off, it usually is.”

“The best defence is to stick to verified processes and always confirm any money transfer or confidential action with a second person or trusted source,” Frans added.

Thapelo highlighted that, although the tools of deception have changed, the strongest defence has not, which is “human judgement”.

“The most crucial firewall is and always will be human judgement. It is in the pause before you click, and the critical thought that questions an unusual request,” Thapelo said.

Staying secure is not just about protecting a personal laptop; it is about safeguarding the integrity of all NWU research, learning and administrative operations. This requires constant vigilance and a collective commitment from staff and students to help secure the university’s digital future.

AI can fake perfection, but it cannot fake your awareness. Always stay alert.