How to Defend Against AI Spam Email?

So, have you been assuming that all spam has spelling mistakes? Or just bad grammar?

What if the email has impeccable grammar? How do you defend against the bad guys using AI in their spam emails?

NIST (National Institute of Standards and Technology) has a definition of phishing:

Phishing Definition:

“A technique for attempting to acquire sensitive data, such as bank account numbers, through a fraudulent solicitation in email or on a web site, in which the perpetrator masquerades as a legitimate business or reputable person.”

Or this definition:

“Tricking individuals into disclosing sensitive personal information by claiming to be a trustworthy entity in an electronic communication (e.g., internet web sites).”


According to the source quoted below, spammers are using AI (Artificial Intelligence) to improve their spam emails and more.

“Cyber-criminals are leveling up to improve their tactics and scam people out of their hard-earned money. Aside from using AI-powered text generators, scammers also turn to AI voice generators to make malicious phone calls to scam people or steal their sensitive information.”

One possible scenario is calling people to inform them about a “relative’s” accident and asking for financial support. Others use the kidnapping slant to ask for ransom using a friend’s voice, which AI can extract and manipulate from spam calls.

AI has been used to copy voices and to ask for money. Let’s find some stories:

Fox Business story on AI used to clone voices and create a story to extract money:

{Scheumack cited a recent example of an interview IdentityIQ did with an individual who received what she believed to be a panicked call from her daughter who was at a camp, but it was actually an AI-generated voice clone of her daughter. The scammers had found a post the daughter made about going to camp on social media and utilized it to make the call more realistic.}

Be careful as to what you are posting online on social media.

Hellbound Bloggers have an interesting post titled “Combating Email Spam with AI: A Smarter Approach”. It lists the following items to keep in mind when looking at AI programs to defend your email stream.


Content-based Filtering:

AI algorithms analyze the content of incoming emails, looking for patterns, keywords, and other indicators of spam. Machine learning models are trained on large datasets to identify and classify spam emails accurately. These models continuously learn and adapt to evolving spam techniques, ensuring high accuracy in spam detection.

Natural Language Processing (NLP):

NLP techniques enable AI systems to understand and analyze the meaning of text in emails. By leveraging NLP, spam filters can detect subtle indicators of spam, such as deceptive language, suspicious links, or attempts to manipulate the recipient.

Reputation Systems:

AI-powered reputation systems assign scores to email senders based on their historical behavior. By considering factors like the sender’s IP address, domain reputation, and email engagement metrics, these systems can identify spammers and prioritize legitimate emails.

User Behavior Analysis:

By analyzing user behavior patterns, AI algorithms can identify anomalies and deviations from normal email activity. For example, if an account suddenly starts sending a large volume of emails or exhibits unusual interaction patterns, it may indicate a compromised account used for spamming.

I have included the above items to review some of the actual AI details because it is important when looking at new software. As attackers use more AI, we have to use AI to counter them, and this will take the form of NLP, content-based filtering, reputation systems, and user behavior analysis.
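User behavior analysis from the list above, as an added example that is not from the quoted post or any product: each account's hourly send volume is compared with that account's own history (median and median absolute deviation), so a normally quiet mailbox that suddenly sends 180 messages is flagged while a mailbox that always sends about 200 is not. The log, account names and thresholds are constructed for illustration.

```python
from collections import defaultdict
from statistics import median

# Constructed send log: (account, hour, messages sent in that hour).
SEND_LOG = (
    [("alice", f"2024-05-01T{h:02d}", n)
     for h, n in enumerate([3, 5, 4, 6, 4, 5, 180, 4], 8)]
    + [("bob-newsletter", f"2024-05-01T{h:02d}", n)
       for h, n in enumerate([200, 210, 190, 205, 195, 220], 8)]
    + [("carol", "2024-05-01T08", 2), ("carol", "2024-05-01T09", 50)]
)

def flag_volume_anomalies(log, min_history=5, threshold=6.0, floor=20):
    """Return (account, hour, count, score) for hours far above the account's baseline.

    score is a robust z-score: (count - median) / (1.4826 * MAD) of past hours.
    min_history, threshold and floor are illustrative values, not recommendations.
    """
    history = defaultdict(list)
    alerts = []
    for account, hour, count in log:
        past = history[account]
        if len(past) >= min_history:
            base = median(past)
            # MAD of 0 (perfectly flat history) would divide by zero; fall back to 1.
            mad = median(abs(x - base) for x in past) or 1.0
            score = (count - base) / (1.4826 * mad)
            if score > threshold and count >= floor:
                alerts.append((account, hour, count, round(score, 1)))
                continue  # keep the spike out of the baseline
        past.append(count)
    return alerts

if __name__ == "__main__":
    for alert in flag_volume_anomalies(SEND_LOG):
        print(alert)
```

The account with only two data points ("carol") is not judged at all, which is the gap a reputation system has to cover for new senders.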

Keep in mind that AI is an all-encompassing term these days. It can mean many things, but what we are interested in is the escalation of the attacker improving their spam-based attacks, which means that the attacker needs to be checked with our own tools. There is spam-aware email software which has to counteract the new methods of the spammers.

NLP (Natural Language Processing) should be discussed a bit. Here is a little information from an ISACA publication, “AI Uses in Blue Team Security” (I have the CISA certification from ISACA; one has to be a member of ISACA to get this publication PDF):

{Natural language processing (NLP) is a type of ML that aims primarily to give computers the ability to understand, analyze and potentially generate human language in the form of text or audio. As NLP has advanced, it has become a prominent solution in cybersecurity operations, e.g., to determine if communications are from a human or a machine. When products on the market are advertised as having ML antiphishing capabilities, that typically means they use NLP.}

ML is Machine Learning, and it describes a specific subset of AI in which a program performs a specific task, such as an if-then-else decision tree or, as described above, NLP. Notice that the terms AI and ML refer to specific methods of programming which solve certain problems. We are interested in finding spam, so the program has to find misspelled words and then characterize and grade each error, which makes it more likely that the email is bad spam.
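Content-based filtering from the list above, as an added example that is not from the original post or any product: a small naive Bayes filter that grades each word by how much it points toward spam, so a message with no spelling errors at all still gets a score. The training messages, test emails and function names are constructed for illustration.

```python
import math
import re
from collections import Counter

# Constructed training set (label, text). Every message is spelled correctly.
TRAIN = [
    ("spam", "your account has been suspended verify your password immediately"),
    ("spam", "urgent wire transfer required confirm payment details today"),
    ("spam", "verify your bank account now to avoid suspension"),
    ("ham", "meeting notes attached for the project review tomorrow"),
    ("ham", "lunch on friday to discuss the quarterly report"),
    ("ham", "please review the attached report before the meeting"),
]

def tokens(text):
    return re.findall(r"[a-z']+", text.lower())

def train(samples):
    """Count words per class and messages per class."""
    counts = {"spam": Counter(), "ham": Counter()}
    docs = Counter()
    for label, text in samples:
        counts[label].update(tokens(text))
        docs[label] += 1
    vocab = set(counts["spam"]) | set(counts["ham"])
    return counts, docs, vocab

def word_evidence(model, text):
    """Per-word log-odds toward spam (Laplace smoothing); unseen words are skipped."""
    counts, _, vocab = model
    total = {c: sum(counts[c].values()) + len(vocab) for c in counts}
    return [(w, math.log((counts["spam"][w] + 1) / total["spam"])
                - math.log((counts["ham"][w] + 1) / total["ham"]))
            for w in tokens(text) if w in vocab]

def spam_score(model, text):
    """Log-odds that the message is spam; above 0 means spam is more likely."""
    _, docs, _ = model
    prior = math.log(docs["spam"] / docs["ham"])
    return prior + sum(score for _, score in word_evidence(model, text))

MODEL = train(TRAIN)
# Constructed test messages: both are grammatical and correctly spelled.
PHISH = "We noticed unusual activity. Please verify your account password today."
LEGIT = "Attached are the notes from the project meeting."

if __name__ == "__main__":
    for msg in (PHISH, LEGIT):
        print(round(spam_score(MODEL, msg), 2), msg)
```

A production filter trains on far more mail and more features than words alone; the six-message training set here only shows the mechanics.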

Where does that lead us? As AI evolves we have to review our software more and see if it is protecting as it should. If it is not, then we have to look at competitors. It is important to keep pushing the envelope. There will be many different types of AI for cybersecurity, including defending against spam.

Here is an example of a company explaining their methods with AI: link.

In my opinion the proof is in the actual operation of any system. If you can get a test license and actually try the software that would be best (of course it has to be used in your environment which takes effort).

My book, “Too Late You Are Hacked”, reviews the system engineering methodologies that I espouse, such as testing and control of the environment. I recommend that you pick it up from my publisher, Publishing Concepts. The page on the book on this site has the link to the publisher.