AI Goes Phishing

Artificial intelligence could potentially make cyberattacks more dangerous and difficult to detect

In 2020, Google claimed to block more than 100 million scam emails every day, with 18 million of them related to COVID 19.  According to Barracuda Networks, malicious mails rose by 667% with the onset of the pandemic.

Mobile devices were the most vulnerable. Verizon’s 2020 Data Breach Investigations Report (DBIR) showed hackers found a lot of success with integrated text, email and link-based phishing, especially across social media, for stealing passwords and accessing privileged credentials in cyberspace.

Now, machine learning models are evolving to understand and filter out phishing threats to internet users, governments, and companies etc. For example, Microsoft neuters billions of phishing attempts on Office 365 alone.

Over the years, hackers have become better at evading detection, sneaking in malicious content. The tactics manifest themselves in URLs pointing to legitimate-looking yet compromised websites and redirectors.

AI has the ability to detect spam and phishing attacks with accuracy, speed.

Automated detection

AI goes beyond signature-based detection, which hackers have learnt to evade by tweaking some elements like HTML code or image metadata. Incorporating machine learning capabilities, AI focuses on detecting characteristics/behaviours related to phishing as opposed to known signatures. An altered signature can be detected and blocked. 

Phishing attacks are constantly evolving to evade newer technologies, and cybersecurity tools need to keep up. AI is continuously learning from open source threat intelligence feeds, and the organisation’s own unique environment.

Source: Abdul Basit, et al

Studies have shown that robust ML techniques have high detection accuracy. AI uses machine learning and data analysis to examine content, context, metadata and user behaviour. 

Behavioural analysis

AI and ML algorithms can understand how users communicate. They study patterns of typical behaviour, textual behaviours and the context of messages. Communication patterns are assessed to create a baseline of normal behaviour. Characteristics like use of grammar, syntax etc creates a unique user profile. Impersonation or spear phishing like Business Email Compromise (BEC) and Email Account Compromise (EAC) scams can be detected this way although it may pass other filters. 


AI models are only as good as the data they are fed and its trustworthiness revolves around data. Hence, data bias is a pertinent risk. Oftentimes, enterprises have been deploying these tools assuming the datasets are well represented, which may not be true. 

AI data training can be poisoned by malicious actors, compromising the secure structure that a particular organisation is relying on. Technology does not possess an inherent disposition and will act the way it is taught. However, these tools do not operate in a vacuum, rather, they are interacting with their environment all the time. AI algorithms can be exploited and even weaponised to pursue nefarious objectives. The ability to create synthetic data that mimics the human generated content could be the beginning of Deepfake spear-phishing. 

As per Europol’s report, artificial intelligence could potentially make cyberattacks more dangerous and difficult to detect. Just like organisations deploy AI to protect against malware, it is possible that hackers have begun making use of AI and ML tools too. 

AI models may suffer as adversaries begin to identify patterns and change their mode of operation rendering the existing data and AI models useless. The model will adapt to certain phishing behaviours over time which decreases its efficacy to detect novel threats.

AI/ML blind spots 

Known unknowns and unknown unknowns are still a major threat to models. Although ongoing research aims to find answers and suggestions, these unknowns may not elicit any threat response from AI/ ML tools.

Datasets may also contain errors leading to labeling flaws on part of the AI. ML is exposed to comprehensible patterns which tell the machine what to look for in datasets to predict future malware. Datasets can become obsolete and irrelevant. An MIT study found that major ML datasets had significant errors including mislabelled images. The study found a 3 to 4% average error rate in datasets and a 6% error rate for Imagenet, one of the most popular image recognition systems. 

Download our Mobile App

Subscribe to our newsletter

Join our editors every weekday evening as they steer you through the most significant news of the day.
Your newsletter subscriptions are subject to AIM Privacy Policy and Terms and Conditions.

Our Recent Stories

Our Upcoming Events

3 Ways to Join our Community

Telegram group

Discover special offers, top stories, upcoming events, and more.

Discord Server

Stay Connected with a larger ecosystem of data science and ML Professionals

Subscribe to our Daily newsletter

Get our daily awesome stories & videos in your inbox