It used to be relatively easy to spot a phishing attempt. Phishing emails would have poor grammar and be littered with spelling mistakes, with relatively easy-to-identify lures such as too-good-to-be-true offers. The unsolicited emails would be sent from unknown email addresses in huge volumes, as threat actors knew they were good enough to fool enough recipients and make the campaigns worthwhile. Provided employees had a modicum of security awareness training and took time to carefully read emails, the phishing attempts could be easily identified and avoided.

Phishing has been growing in sophistication, and while these poorly constructed emails are not exactly a thing of the past, there is now a new breed of phishing emails that are expertly written, contain no errors, and are highly personalized to maximize the probability of getting the desired response. To conduct a highly personalized spear phishing campaign, threat actors need to spend a considerable amount of time researching their intended targets, and the potential rewards must be high to warrant that effort. These campaigns are usually conducted against high-value targets such as C-suite members by well-resourced threat actors, such as state-sponsored hacking groups.

Advances in AI technology have made these highly targeted phishing campaigns much easier to conduct. AI tools greatly reduce the amount of human effort required and that has opened up these targeted campaigns to a much broader range of cybercriminals. AI tools can be used to craft perfect phishing emails that closely mimic the companies and brands they spoof, making identification difficult. AI tools are also being used to analyze online profiles to gather personal information to be included in phishing emails, massively reducing the time required to construct the perfect scam email.

AI tools can also be used to assess online interactions by a particular individual to find out topics the individual is likely to respond to. They can rapidly ingest large amounts of data to craft phishing lures closely mimicking the style of emails written by a particular company or individual, making the spoofing almost impossible for individuals to distinguish from genuine communications. With the tools to gather a wealth of personal information and create flawless emails on appropriate topics, business email compromise scams have become much easier and can be conducted by a broader range of cybercriminals. The consequences of falling for one of these scams can be severe.

To combat these advanced phishing campaigns, businesses need advanced defenses. It is important to ensure that all members of the workforce receive ongoing security awareness training, including the C-suite as they are often the people being targeted in these campaigns. However, given the quality of these phishing attempts, security awareness training and a standard spam filter appliance will not cut it. For many years, spam filters have relied on blacklists of IP addresses and domains that have been previously identified as malicious or have low trust scores, along with antivirus engines for malware detection, and scans of message content for phrases commonly associated with spam and phishing. These spam filters will catch the majority of spam and bulk phishing emails, but will not detect the more sophisticated, AI-generated threats.
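The legacy signals described above, reduced to a sender-domain blocklist, an IP blocklist and a phrase scan, run over one bulk lure and one clean, personalized message. This is an added example, not code from TitanHQ or any product named here; every domain, IP address, phrase and message in it is constructed for illustration, and the antivirus stage is left out.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample data (assumptions for this example, not real indicators).
BLOCKED_DOMAINS = {"bulk-offers.example"}
BLOCKED_IPS = {"203.0.113.45"}
SPAM_PHRASES = ["you have won", "claim your prize", "act now", "100% free"]

BULK_PHISH = """\
From: Prize Dept <winner@bulk-offers.example>
Received: from mail.bulk-offers.example ([203.0.113.45])
Subject: You have WON!!!

Congratulations you have won a gift card. Act now to claim your prize.
"""

TARGETED_BEC = """\
From: Dana Reyes <dana.reyes@partner-firm.example>
Received: from mail.partner-firm.example ([198.51.100.7])
Subject: Re: Q3 vendor onboarding

Hi Sam, thanks for the update on Tuesday's call. Our bank details changed
this quarter; could you use the attached form for the next payment run?
"""

def legacy_filter(raw):
    """Return the list of legacy signals that fire for one raw message."""
    msg = message_from_string(raw)
    hits = []
    # Signal 1: sender domain on a reputation blocklist.
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if sender_domain in BLOCKED_DOMAINS:
        hits.append("domain-blocklist")
    # Signal 2: any relay IP in the Received chain on an IP blocklist.
    for received in msg.get_all("Received", []):
        for ip in re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", received):
            if ip in BLOCKED_IPS:
                hits.append("ip-blocklist")
    # Signal 3: phrases commonly associated with spam in subject or body.
    text = (msg.get("Subject", "") + " " + msg.get_payload()).lower()
    hits += ["phrase:" + p for p in SPAM_PHRASES if p in text]
    return hits

if __name__ == "__main__":
    for name, raw in [("bulk", BULK_PHISH), ("targeted", TARGETED_BEC)]:
        print(name, legacy_filter(raw) or "no signals -> delivered")
```

The targeted message comes from a domain and IP with no prior reputation and contains no stock spam phrasing, so every legacy check passes it.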

Advanced email security solutions are now a necessity. The latest anti-spam software and cloud-based anti-spam services, such as the engine at the heart of TitanHQ’s SpamTitan and PhishTitan M365 anti-phishing solutions, incorporate AI and machine learning-based detection in addition to the standard spam filtering methods. In recent independent tests by VirusBulletin, TitanHQ’s SpamTitan Skellig engine scored joint first place for detection in the Q3 2024 tests and first place in Q4, achieving a 100% phishing detection rate with a 0.00% false positive rate and a 100% malware catch rate. Whether you are a business looking to improve your defenses or a managed service provider looking to provide more advanced security to your clients, give the TitanHQ team a call to find out more about getting the right tools in place to counter these advanced phishing threats.