Abnormal Launches AI Email Attack Detection

Abnormal Launches AI Email Attack Detection

By Greg Tavarez

Cybercriminals are always on the prowl for new ways to cause damage. One of the latest and most concerning developments is the utilization of generative AI in their attack strategies. This technology enables malicious actors to craft highly convincing and targeted emails that can fool even the most vigilant individuals and evade traditional security systems.

An example of the impact of generative AI on cyberattacks is the rapid increase in Business Email Compromise, or BEC, attacks. These attacks involve impersonating a legitimate entity within an organization to deceive employees into performing actions that compromise security or financial integrity.

According to recent research by Abnormal Security, BEC attacks have surged by 55% over just six months, and this trend could escalate exponentially as generative AI technology becomes more widespread. The ability to scale attacks with such convincing content could lead to a proliferation of successful cybercrimes, potentially resulting in financial losses for businesses and individuals alike.

“As the adoption of generative AI tools rises, bad actors will increasingly use AI to launch attacks at higher volumes and with more sophistication,” said Evan Reiser, CEO at Abnormal Security.

As generative AI becomes more accessible, it is important for organizations to enhance their security strategies with new tools. A new tool they can utilize is Abnormal’s CheckGPT, which is used to detect AI-generated attacks. The new capability determines when email threats, including BEC and other socially engineered attacks, have likely been created using generative AI tools.

“Security leaders need to combat the threat of AI by investing in AI-powered security solutions that ingest thousands of signals to learn their organization’s unique user behavior, apply advanced models to precisely detect anomalies, and then block attacks before they reach employees,” said Reiser.

Abnormal's email security solution diverges from conventional methods, offering a distinct approach tailored for countering advanced email attacks, making it particularly adept at thwarting AI-generated assaults. Its unique API-based architecture leverages a comprehensive array of signals, encompassing diverse attributes such as communication patterns, sign-in events and various other factors, to establish a baseline of normal behavior for each employee and vendor within an organization. The application of advanced AI models, including natural language processing, enables the identification of anomalies in email behavior, serving as potential indicators of impending attacks.

Following the initial email analysis, Abnormal's platform goes beyond mere classification, delving into the intent and origin of email attacks.

The CheckGPT tool employs a suite of open source LLMs to assess the likelihood that a generative AI model was responsible for generating a particular message. This assessment is based on the examination of the contextual relevance of each word in the message. If consistently high likelihood values suggest AI-generated content, it becomes a strong indicator of artificial generation.

This innovative detection capability has recently been demonstrated through Abnormal's research, showcasing instances of emails containing language strongly suspected to be AI-generated, including threats like business email compromise and credential phishing attacks.

“While it’s important to understand whether an email was generated by a human or AI to understand and stay ahead of evolving threats, the right system will detect and block attacks no matter how they were created,” said Reiser.

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

Related Articles

LogMeIn Rescue, to the Rescue: Forrester Studies GoTo's Support Capabilities

By: Alex Passett    9/22/2023

Over a period of three years, a Forrester Total Economic Impact (TEI) study examined the business and financial benefits of LogMeIn Rescue, a flagship…

Read More

Canadian Managed IT Services Gear Up for Cybersecurity Awareness Month

By: Contributing Writer    9/22/2023

October, prominently known as Cybersecurity Awareness Month, is an annual observance and an intensified rally for Canada's premier IT service provider…

Read More

ITEXPO Exhibitor RingLogix Looks to TeamMate to Open New Possibilities for MSPs

By: Greg Tavarez    9/21/2023

The RingLogix and TeamMate collaboration enables MSPs to get the most out of Microsoft Teams as a collaboration solution.

Read More

Acronis Introduces Advanced Automation for MSPs

By: Stefania Viscusi    9/21/2023

Acronis Advanced Automation addresses a common challenge faced by MSPs, the increasing complexities businesses face with so many different initiatives…

Read More

Comprehensive Cybersecurity Solutions: Rackspace Taps Palo Alto Networks

By: Alex Passett    9/20/2023

Strengthening organizations' abilities to stay ahead of progressively evolving cyber threats and attackers is key. That's why Rackspace Technology has…

Read More