Combating AI-powered BEC attacks

We’ve trained our security solution to detect BEC emails generated by large language models.

Combating AI-powered BEC attacks

It’s no secret that cybercriminals have recently been leveraging large language models to optimize their operations. As a result, numerous phishing and malware campaigns targeting organizations have significantly improved in quality. These emails now contain fewer obvious errors, and their tone closely mimics legitimate business correspondence. But the methods of deploying these campaigns always have a clear giveaway: an attempt to steal credentials or execute malicious code. Business email compromise (BEC) attacks, however, present a greater challenge.

BEC attacks typically rely entirely on social engineering, effectively tricking a legitimate employee into carrying out the attackers’ requests. These attacks have also improved substantially in quality since the advent of LLMs. If the scammers’ tactics succeed — say, if they manage to convince an employee to transfer funds to a third-party account instead of a contractor’s — the company can lose substantial amounts of money in an instant. This is why we’ve developed a specialized technology to detect AI-generated BEC emails.

An example of an LLM-generated BEC email

An example of an LLM-generated BEC email

How our AI-generated BEC detection technology works

Without getting bogged down in the technical details, here’s an explanation of how this new technology operates. As you may know, large language models don’t compose text the way humans do. Instead, they predict words that are most likely to fit the task outlined in the prompt. Furthermore, cybercriminals tend to take the path of least resistance: instead of reinventing the wheel, they rely on the most widely available AI models.

Because it’s obvious what the attackers are after, we can extract BEC-specific key phrases from the text. Additionally, we’ve learned to spot when a text has been generated by a machine. These indicators are a cornerstone of our detection technology. As a result, our security solution can now identify and block attempted BEC attacks at the initial stage — before the attacker ever has a chance to mislead an employee. The technology currently detects AI-generated BEC emails in English, French, German, Italian, Portuguese, Russian, Spanish, and Turkish.

Which of our solutions feature the AI-generated BEC detection technology?

Our range of corporate security solutions includes Kaspersky Security for Mail Server, which incorporates Kaspersky Secure Mail Gateway – where our AI BEC detection technology is implemented. To be precise, the feature is available in the KSMS Plus license following the recent KSMG 3.1 update. Visit the Kaspersky Security for Mail Server official page to learn more about our email security solutions and the features added in the latest update.

Tips

Cracked in under a minute: (nearly) every other password

We’ve revisited our study on the crackability of real-world passwords leaked on the dark web — originally conducted two years ago. The findings are sobering: nearly every other password can be cracked in under a minute, and three out of five take less than an hour. How can we move away from insecure passwords?