{"id":56015,"date":"2026-07-13T08:59:18","date_gmt":"2026-07-13T12:59:18","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=56015"},"modified":"2026-07-13T09:08:27","modified_gmt":"2026-07-13T13:08:27","slug":"ai-generated-mail-detection","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/ai-generated-mail-detection\/56015\/","title":{"rendered":"Combating AI-powered BEC attacks"},"content":{"rendered":"<p>It\u2019s no secret that cybercriminals have recently been <a href=\"https:\/\/www.kaspersky.com\/blog\/manufacturing-phishing-2026\/56097\/\" target=\"_blank\" rel=\"noopener nofollow\">leveraging<\/a> large language models to optimize their operations. As a result, numerous phishing and malware campaigns targeting organizations have significantly improved in quality. These emails now contain fewer obvious errors, and their tone closely mimics legitimate business correspondence. But the methods of deploying these campaigns always have a clear giveaway: an attempt to steal credentials or execute malicious code. <a href=\"https:\/\/www.kaspersky.com\/blog\/what-is-bec-attack\/34135\/\" target=\"_blank\" rel=\"noopener nofollow\">Business email compromise (BEC)<\/a> attacks, however, present a greater challenge.<\/p>\n<p>BEC attacks typically rely entirely on social engineering, effectively tricking a legitimate employee into carrying out the attackers\u2019 requests. These attacks have also improved substantially in quality since the advent of LLMs. If the scammers\u2019 tactics succeed\u00a0\u2014 say, if they manage to convince an employee to transfer funds to a third-party account instead of a contractor\u2019s\u00a0\u2014 the company can lose substantial amounts of money in an instant. This is why we\u2019ve developed a specialized technology to detect AI-generated BEC emails.<\/p>\n<div id=\"attachment_56116\" style=\"width: 1204px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2026\/07\/13084557\/ai-bec-detection-technology-letter.jpg\"><img decoding=\"async\" aria-describedby=\"caption-attachment-56116\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2026\/07\/13084557\/ai-bec-detection-technology-letter.jpg\" width=\"1194\" height=\"244\" alt=\"An example of an LLM-generated BEC email\" class=\"wp-image-56116 size-full\"><\/a><p id=\"caption-attachment-56116\" class=\"wp-caption-text\">An example of an LLM-generated BEC email<\/p><\/div>\n<h2>How our AI-generated BEC detection technology works<\/h2>\n<p>Without getting bogged down in the technical details, here\u2019s an explanation of how this new technology operates. As you may know, large language models don\u2019t compose text the way humans do. Instead, they predict words that are most likely to fit the task outlined in the prompt. Furthermore, cybercriminals tend to take the path of least resistance: instead of reinventing the wheel, they rely on the most widely available AI models.<\/p>\n<p>Because it\u2019s obvious what the attackers are after, we can extract BEC-specific key phrases from the text. Additionally, we\u2019ve learned to spot when a text has been generated by a machine. These indicators are a cornerstone of our detection technology. As a result, our security solution can now identify and block attempted BEC attacks at the initial stage \u2014 before the attacker ever has a chance to mislead an employee. The technology currently detects AI-generated BEC emails in English, French, German, Italian, Portuguese, Russian, Spanish, and Turkish.<\/p>\n<h2>Which of our solutions feature the AI-generated BEC detection technology?<\/h2>\n<p>Our range of corporate security solutions includes Kaspersky Security for Mail Server, which incorporates Kaspersky Secure Mail Gateway \u2013 where our AI BEC detection technology is implemented. To be precise, the feature is available in the KSMS Plus license following the recent KSMG 3.1 update. Visit the <a href=\"https:\/\/www.kaspersky.com\/small-to-medium-business-security\/mail-server?icid=gl_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder____ksms___\" target=\"_blank\" rel=\"noopener nofollow\">Kaspersky Security for Mail Server official page<\/a> to learn more about our email security solutions and the features added in the latest update.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kesb-trial\"><input type=\"hidden\" class=\"placeholder_for_banner\" data-cat_id=\"kesb-trial\" value=\"32361\">\n","protected":false},"excerpt":{"rendered":"<p>We&#8217;ve trained our security solution to detect BEC emails generated by large language models. <\/p>\n","protected":false},"author":2598,"featured_media":56117,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3051,3052],"tags":[3521,19,3737,321],"class_list":{"0":"post-56015","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-enterprise","9":"category-smb","10":"tag-bec","11":"tag-email","12":"tag-solutions","13":"tag-technology"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/ai-generated-mail-detection\/56015\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/ai-generated-mail-detection\/42260\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/bec\/","name":"BEC"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/56015","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2598"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=56015"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/56015\/revisions"}],"predecessor-version":[{"id":56120,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/56015\/revisions\/56120"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/56117"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=56015"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=56015"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=56015"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}