Vade uses generative AI to enhance spear-phishing detection
Vade announced that it has pioneered a new method that improves the confidence of its spear-phishing detection engine.
The enhancement, designed to combat advanced threats including those produced by generative AI, leverages threat samples created by artificial technology and human sources.
The new method trains Vade’s spear-phishing algorithms on a unique combination of traditional and artificially generated spear-phishing emails. Vade has confirmed that the enhancement increases the confidence of detection across seven spear phishing classifiers, or categories. These range from scams involving W2 fraud, payroll fraud, banking fraud, and more.
In the US, W2 fraud accounts for the largest improvement, seeing a 50% increase in confidence, followed by banking fraud at 30%. W2 fraud, which surges during the US tax season, occurs when attackers attempt to fraudulently obtain employee W2s. Vade is implementing the enhancement just as W2 fraud volumes have increased by more than 130% between December and January.
Spear phishing is the costliest cyberthreat for businesses and consumers worldwide. According to the Internet Crime Complaint Center (IC3), reported losses globally from spear-phishing attacks amounted to $2.7 billion (USD) in 2022. That figure is expected to increase significantly in the coming years, especially with the emergence of generative AI tools that aid in content creation.
“We are entering a period of unprecedented transformation in cybersecurity,” said Adrien Gendre, Chief Technology and Product Officer at Vade. “Generative AI is becoming a gamechanger. It gives hackers new capabilities to deploy advanced attacks at scale and security vendors the opportunity to keep pace. As a leader in cybersecurity, we have long recognized the need to embrace generative AI as a force for good. And we are. We’re fighting fire with fire.”
Historically, spear phishing emails commonly contained characteristics that made them easier to detect as fraudulent, such as spelling and grammatical errors. Generative AI platforms can eliminate these factors, producing error-free text in any language. This enables foreign attackers to localize spear phishing emails and increase the appearance of legitimacy.
Since generative AI’s growth in popularity, Vade researchers have observed a significant increase in the quality of observed threats. And while generative AI creators have instituted safety controls to prevent misuse of their platforms, Vade analysts have conducted internal tests that demonstrate the ability to circumvent these measures.
Vade is implementing the enhancement for its email security suite, Vade for M365. Once complete, organizations will immediately see the benefits of the update.