Future Phishing Attacks Will Use Generative Machine Learning

Uploaded on 2022-07-08 in TECHNOLOGY--Developments, NEWS-Cybersecurity News, FREE TO VIEW

Phishing attacks aim to steal confidential information using sophisticated methods through a series of techniques via content injection, social engineering, online social networks, and mobile applications. More than 85% of credential phishing attacks looked like legitimate common business workflows to trick end-users into engaging with the email.

Recent advances in Deep Learning have enabled improvements in generative model architectures, and some state-of-the-art models can now produce outputs realistic enough to fool humans.

Now, criminal data analysts and technicians have decided to use Generative Machine Learning (GML) models that learn the distribution of data from a sample dataset and can then generate new attack vectors. 

Until recently with a phishing attack, the victims had an advantage as criminals have had to do everything by hand. All of the text detail, from the email attempt to lure the victim takes time to create and if you watched out for them the less sophisticated attacks are easy to see.

To avoid and mitigate the risks of these attacks, several phishing detection approaches were developed, among which deep learning algorithms provided promising results. However, the results and the corresponding lessons learned are fragmented over many different studies and there is a lack of a systematic overview of the use of deep learning algorithms in phishing detection and now some criminals are using the Deep Learning language model GPT.

OpenAI's version of GPT has demonstrated that incredibly powerful Machine Learning (ML) text generation can also be designed to be quite simple for lay programmers to implement. More recently, OpenAI's Dall-E was used to demonstrate that creating a realistic fake image can be as simple as calling a function with a brief language description.

"Think about something as simple as an image of a grocery bag with a fake logo. If you wanted to get this kind of thing a few years ago, you would have needed to pay someone who knows how to do Photoshop to make the logo and create some fake image. Now this whole process has been boiled down to just one single line of English text," said Prashanth Arun, head of data science for Armorblox.

"Imagine you make a fake Candle Company, with an entire range of candles with your little logo and product descriptions that say different things, it gives you a sense that, you know, these guys have been around for a long time," said Arun.

Future phishing attacks will come with detailed web presences and will be generated with the click of a button.

The idea that GML creates security problems is not new, although one of the problems with it is that it was good at short pieces of text, but the text tended to become unstable once messages become too long.

That type of systemic problem could even be gamed by someone looking to poison data collection. If Planters gave Mr. Peanut an employee bio as chief snack officer, that could translate to a business email compromise campaign where Mr. Peanut requests invoices be paid. Nevertheless, attacks like this can be difficult to defend against and the same problems discerning facts that troubled the phishing ML to would also plague the defensive ML. 

The combination of ease of use and difficulty of defence could mean generative attacks make a substantial change in the threat landscape sooner than most defenders would be prepared for.

"For high-value targets, I think it's still going to be humans running the attacks, simply because the ROI on such scams are much higher," said Arun. "But for a lot of these spray and pray kinds of spammy stuff, I think the quality of that is going to be improved significantly."

Phish Protection:    Mahmood & Dabassi:     SC Magazine:   SC Magazine:   Research Gate

Research Gate:     CPS-VO:      Springer:    

You Might Also Read: 

A Phishing Attack That Delivers Three Forms Of Malware:

 

« Edge AI: The Future of Artificial Intelligence And Edge Computing
CISA Detects Many New Cyber Security Vulnerabilities »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Montash

Montash

Montash is an award winning, global technology recruitment business, specialising in the acquisitions of high-performing talent across a number of core disciplines including Information Security.

CERT.GOV.AZ

CERT.GOV.AZ

Azerbaijan Government Computer Incident Response Team

Avatu

Avatu

Avatu specialise in providing clients the advice, technology and tools they need to fight cyber and insider threats.

Exonar

Exonar

We enable organisations to better organise their information, removing risk and making it more productive and secure.

Prove & Run

Prove & Run

Prove & Run provides a patented software development toolchain that is specifically forged to deal with the complex security properties of sensitive software components.

CERT NZ

CERT NZ

CERT NZ supports businesses, organisations and individuals affected by cyber security incidents, and provide trusted and authoritative information and advice.

IXDen

IXDen

IXDen provides a novel software-based approach to OT systems protection, covering Industrial IoT cybersecurity and sensor data integrity.

Raonsecure

Raonsecure

Raonsecure is one of Korea’s leading ICT security software companies – providing a variety of PC and mobile security solutions to financial institutions, government, and enterprise.

CIBR Warriors

CIBR Warriors

CIBR Warriors are a leading cyber security and networking staffing company that provides workforce solutions with businesses nationwide in the USA.

Sydeco

Sydeco

Sydeco offer a complete range of products that secure computer and industrial networks, servers, programs and data against any type of computer attack.

Guardio

Guardio

Guardio develop tools and products to combat modern web and browser threats.

Limes Security

Limes Security

Limes Security GmbH is the leading OT Security expert in the German-speaking region of Europe.

VMware

VMware

VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control.

VulnCheck

VulnCheck

VulnCheck helps organizations outpace adversaries with vulnerability intelligence that predicts avenues of attack with speed and accuracy.

Metallic.io

Metallic.io

Metallic (formerly TrapX) is a SaaS portfolio for enterprise-grade backup and recovery, designed to protect your data from corruption, deletion, ransomware, and other threats.

Keyrus

Keyrus

Keyrus is a global consultancy that develops data and digital solutions for performance management.