In a phishing attack, hackers infiltrate a system by exploiting a vulnerability in a system. With time, the hacking techniques have only become more creative. As much as 25% of phishing emails bypass the traditional email gateways. An AI system, along with the traditional detection method, adds an extra layer of machine learning capabilities. It has abilities such as scanning images for determining fake login pages. It also detects phishing behaviours, which means that even if the hacker sends an email with an altered signature, AI would recognise it and block/restrict it accordingly. This system can also perform real-time scanning of inbound links, using visual indications to determine the authenticity of a login page, and automatically blocking access to verified malicious links.

Figure 1 is AI Double Edged Sword In Phishing.

Figure 1 is shows the Phishing attack in System mode. AI and machine learning based technology help in accelerating incident detection. This means, doing a better job of correlating, curating and integrating the system with security alerts to create an incident detection pattern. Cybersecurity was considered as a defence mechanism to detect the breaches and loopholes in the security system. This paradigm has been reshaped through the recent advancements in artificial intelligence. Cybersecurity teams are now able to predict the attacks and suppress even before they happen.

AI learns from open-source intelligence feeds along with organisations’ unique environment to update its capabilities and enhance its ability to detect the latest phishing threats.

Like every other field, unethical hacking systems have also taken to AI-based smart phishing techniques. Let’s explore a few of them.

AI-based Smart Phishing Technique :

Unethical hackers are rapidly utilising the ‘smart phishing’ technique to extract sensitive and confidential information. This approach uses a baseline of intelligent and exclusive data of the target to make the phishing technique look legitimate and authentic.

AI-based Smart Phishing Technique :

Unethical hackers are rapidly utilising the ‘smart phishing’ technique to extract sensitive and confidential information. This approach uses a baseline of intelligent and exclusive data of the target to make the phishing technique look legitimate and authentic. AI and machine learning are further (mis)used to learn patterns to exploit personal information.

AI double-edged :

Artificial intelligence is truly a double-edged sword in the cyber security domain. This is a perfect example of how AI can be used for good and for evil. Research teams have been working to eliminate the blind spots in the machine learning algorithms and eliminating the weaknesses.

References:

1. https://analyticsindiamag.com/ai-is-a-double-edged-sword-in-phishing/
2. https://bigdata-madesimple.com/why-ai-is-a-double-edged-sword-in-the-cybersecurity/
3. https://analyticsindiamag.com/ai-is-a-double-edged-sword-in-phishing/

Cite this article:

Gunasekar M (2022), AI Double Edged Sword In Phishing, Anatechmaz, pp. 54