Email Security Blog

Spotting Malicious Emails Created with Artificial Intelligence

Gone are the days when phishing emails could be identified with just a discerning eye. Those tell-tale grammar, punctuation, and usage errors were quickly corrected, thanks to generative Artificial Intelligence (AI) and Large Language Models (LLMs). Next to arrive on the scene were AI tools designed to detect AI-generated content! While that might be great for professors grading term papers, in the phishing world it allowed cybercriminals to perfect their craft even further – cleaning up their content to bypass additional filters and secure email gateways (SEGs).

So, how do you detect AI-generated phishing emails?

Well, for the most part, you can’t. At least not by yourself. According to a 2023 study, 71% of phishing emails generated with AI go undetected.[1] Of those that do make it to your inbox, there may be a few tell-tale signs such as branding differences, unusual requests, or attachments you were not expecting. However, it’s still best to keep in mind that AI is doing a pretty great job disguising phishing emails.

Phishers can also use AI for similar dark purposes including:

  • Writing code
  • Converting code from one programming language to another
  • Creating sophisticated malware which contains no malicious code
  • Voice cloning

The FBI recently released a statement in which they said, “In addition to traditional phishing tactics, malicious actors increasingly employ AI-powered voice and video cloning techniques to impersonate trusted individuals, such as family members, co-workers, or business partners.”[2] As you can imagine, this puts a new twist on Business Email Compromise (BEC) and Impersonation attacks.

Phishing Threat Complexity

It hasn’t been that long since OpenAI released ChatGPT to the public (November 2022). Since that time a number of new, unique, and complicated phishing threats have surfaced, each housed inside of well-written emails. Here are just a few:

Rich Text Format (RTF) files are very common and have been used in personalized phishing schemes because they can be used to hide malicious text, graphics, embedded fonts, tables, and more.

URL Encoding converts characters into a format that can be transmitted over the Internet.

Malicious Redirect Scripts and Cross-Site Scripting (XSS) are tactics whereby the attacker manipulates a webpage's content and visibility. The victim clicks on a link from the phisher and the browser opens a legitimate website, but it also executes a malicious script to capture banking information.

Malicious QR Codes are embedded in emails and once scanned they take unknowing victims to a phishing site so that their credentials can be stolen.

Image-based textual messages sent as attachments prevent anti-spam and email security scanners from analyzing an email’s text. As a result, recipients don’t know that they are looking at a screenshot of text instead of HTML code with text, and since there are no links or attachments to open, the email feels safe.
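Several of the traits listed above can be checked mechanically during mail triage. The following Python sketch is an added example, not INKY's code or detection logic: it flags RTF attachments, percent-encoded link hosts, nested URLs hidden by URL encoding, and image-only bodies. The flag names, the five-word threshold, and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from urllib.parse import unquote, urlsplit

# Added example: flag names and the 5-word threshold are assumptions.
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def decode_fully(url, limit=5):
    """Percent-decode repeatedly so double-encoded URLs are also unwrapped."""
    for _ in range(limit):
        nxt = unquote(url)
        if nxt == url:
            break
        url = nxt
    return url

def triage(raw: bytes) -> set:
    """Return the traits from the list above that appear in one raw message."""
    msg = message_from_bytes(raw, policy=policy.default)
    flags, text, has_image = set(), "", False
    for part in msg.walk():
        ctype = part.get_content_type()
        name = (part.get_filename() or "").lower()
        if ctype in ("application/rtf", "text/rtf") or name.endswith(".rtf"):
            flags.add("rtf-attachment")
        elif ctype.startswith("image/"):
            has_image = True
        elif ctype in ("text/plain", "text/html") and not name:
            text += part.get_content()
    for url in URL_RE.findall(text):
        if "%" in urlsplit(url).netloc:
            flags.add("encoded-host")        # hostname itself is percent-encoded
        if url.count("://") == 1 and decode_fully(url).count("://") > 1:
            flags.add("encoded-nested-url")  # second URL hidden by encoding
    visible = re.sub(r"<[^>]+>", " ", text)  # drop HTML tags, keep visible words
    if has_image and len(visible.split()) < 5:
        flags.add("image-only-body")         # message text lives in the image
    return flags

def sample(body, attachment=None):
    """Build a constructed test message; all names and hosts are made up."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.test", "b@example.test", "Invoice"
    m.set_content(body)
    if attachment:
        data, maintype, subtype, fname = attachment
        m.add_attachment(data, maintype=maintype, subtype=subtype, filename=fname)
    return m.as_bytes()
```

A message flagged `image-only-body` is the one to route to OCR or QR decoding, since its readable content is not in any text part.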

AI seems to be moving at light speed with new uses and enhancements surfacing every day. In many cases the advances made with AI are amazing. However, in the world of email security and phishing, the advances are nothing short of disturbing.

Fighting fire with fire, INKY leverages cutting-edge AI capabilities to effectively combat threats of all complexity levels. But this isn’t new for INKY. Long before phishers had these new tools at their disposal, INKY was using AI to stop them. Purpose-built for MSPs, INKY offers a complete email security platform that is easy to deploy, simple to administer, and a profitable way to boost your own revenue.

Learn more about what INKY can do for your company and your clients. Schedule a free demonstration today.

----------------------

INKY is an award-winning, behavioral email security platform that blocks phishing threats, prevents data leaks, and coaches users to make smart decisions. Like a cybersecurity coach, INKY signals suspicious behaviors with interactive email banners that guide users to take safe action on any device or email client. IT teams don’t face the burden of filtering every email themselves or maintaining multiple systems. Through powerful technology and intuitive user engagement, INKY keeps phishers out for good. Learn why so many companies trust the security of their email to INKY. Request an online demonstration today.

[1] Source: https://www.malwarebytes.com/blog/news/2023/12/how-to-recognize-ai-generated-phishing-mails

[2] Source: https://www.fbi.gov/contact-us/field-offices/sanfrancisco/news/fbi-warns-of-increasing-threat-of-cyber-criminals-utilizing-artificial-intelligence
