Future Phishing Attacks Will Use Generative Machine Learning

Phishing attacks aim to steal confidential information using sophisticated techniques such as content injection, social engineering, online social networks, and mobile applications. More than 85% of credential phishing attacks looked like legitimate common business workflows in order to trick end-users into engaging with the email.

Recent advances in Deep Learning have enabled improvements in generative model architectures, and some state-of-the-art models can now produce outputs realistic enough to fool humans.

Now, criminal data analysts and technicians have decided to use Generative Machine Learning (GML) models that learn the distribution of data from a sample dataset and can then generate new attack vectors. 

Until recently, the victims of a phishing attack had an advantage, as criminals had to do everything by hand. All of the text detail, starting with the email that attempts to lure the victim, takes time to create, and if you watch out for them, the less sophisticated attacks are easy to spot.

To avoid and mitigate the risks of these attacks, several phishing detection approaches were developed, among which deep learning algorithms provided promising results. However, the results and the corresponding lessons learned are fragmented over many different studies, and there is a lack of a systematic overview of the use of deep learning algorithms in phishing detection. Meanwhile, some criminals are now using the deep learning language model GPT.

OpenAI's version of GPT has demonstrated that incredibly powerful Machine Learning (ML) text generation can also be designed to be quite simple for lay programmers to implement. More recently, OpenAI's DALL-E was used to demonstrate that creating a realistic fake image can be as simple as calling a function with a brief language description.

"Think about something as simple as an image of a grocery bag with a fake logo. If you wanted to get this kind of thing a few years ago, you would have needed to pay someone who knows how to do Photoshop to make the logo and create some fake image. Now this whole process has been boiled down to just one single line of English text," said Prashanth Arun, head of data science for Armorblox.

"Imagine you make a fake Candle Company, with an entire range of candles with your little logo and product descriptions that say different things, it gives you a sense that, you know, these guys have been around for a long time," said Arun.

Future phishing attacks will come with detailed web presences and will be generated with the click of a button.

The idea that GML creates security problems is not new. One of the problems with it was that it was good at short pieces of text, but the text tended to become unstable once messages became too long.

That type of systemic problem could even be gamed by someone looking to poison data collection. If Planters gave Mr. Peanut an employee bio as chief snack officer, that could translate to a business email compromise campaign where Mr. Peanut requests invoices be paid. Nevertheless, attacks like this can be difficult to defend against, and the same problems discerning facts that troubled the phishing ML would also plague the defensive ML.

The combination of ease of use and difficulty of defence could mean generative attacks make a substantial change in the threat landscape sooner than most defenders would be prepared for.

"For high-value targets, I think it's still going to be humans running the attacks, simply because the ROI on such scams are much higher," said Arun. "But for a lot of these spray and pray kinds of spammy stuff, I think the quality of that is going to be improved significantly."

Sources: Phish Protection, Mahmood & Dabassi, SC Magazine, Research Gate, CPS-VO, Springer
