The History of Artificial Intelligence: Complete AI Timeline



detecting phishing attacks using natural language processing and machine learning :: Article Creator

Detecting Spear Phishing: Sophisticated Attacks Require A Sophisticated ...

Spear phishing attacks are difficult to detect automatically because they use targeted language that appears "normal" to both detection algorithms and users themselves. Today's approaches to detecting such emails rely mainly on heuristics, which look for "risky" words in emails, like 'payment,' 'urgent,' or 'wire'.

Unfortunately, such methods fail when adversaries make word choices or use sentence structures that heuristic designers did not anticipate. This is why many email security approaches now rely on machine learning, in addition to heuristics. Well-designed machine learning algorithms for detecting spear phishing have proven more resilient to variation in sentence structure and word choice as compared to heuristics.

Teaching machines to go deeperNeither heuristics nor textbook machine learning approaches are silver bullets, and the criminal economy in spear phishing-based cyber-crime is booming as a result. There's an urgent need to up our game as defenders. Fortunately, recent breakthroughs in artificial neural networks have provided an opportunity to do so.

Indeed, state-of-the-art neural networks trained on gigabytes of text can now learn deep structure within language in ways that are far more sophisticated than older machine learning approaches. There have been major advances in the last year and a half, including the OpenAI GPT-2 neural network that's able, under certain conditions, to write coherent documents. Take a look at this viral example of this neural network writing an essay about unicorns, if you haven't already seen it. 

In the security research community, we've found that we can take neural networks like these and adapt them for phishing detection, achieving breakthrough results. To understand why, imagine a neural network that can analyze the underlying topics, sentiments, imperatives and tone incident to emails, using these observations to decide whether or not a given email is a phishing attempt.

While our early results are exciting, it will be an ongoing process to bring such new technology to market. There are no silver bullets, but teaching machines to better understand language using modern neural network technology will lead to significant advances in protecting organizations from phishing.


Study Shows Attackers Can Use ChatGPT To Significantly Enhance Phishing ...

Researchers demonstrate how attackers can use the GPT-3 natural language model to launch more effective, harder-to-detect phishing and business email compromise campaigns.

Security researchers have used the GPT-3 natural language generation model and the ChatGPT chatbot based on it to show how such deep learning models can be used to make social engineering attacks such as phishing or business email compromise scams harder to detect and easier to pull off.

The study, by researchers with security firm WithSecure, demonstrates that not only can attackers generate unique variations of the same phishing lure with grammatically correct and human-like written text, but they can build entire email chains to make their emails more convincing and can even generate messages using the writing style of real people based on provided samples of their communications.

"The generation of versatile natural-language text from a small amount of input will inevitably interest criminals, especially cybercriminals — if it hasn't already," the researchers said in their paper. "Likewise, anyone who uses the web to spread scams, fake news or misinformation in general may have an interest in a tool that creates credible, possibly even compelling, text at super-human speeds."

What is GPT-3?

GPT-3 is an autoregressive language model that uses deep learning to generate human-like responses based on much smaller inputs known as prompts. These prompts can be simple, such as a question or instruction to write something on a topic, but they can also be much more detailed giving the model more context on how it should produce a response. The art of crafting such refined prompts to achieve very specific and high quality responses is known as prompt engineering.

GPT-3 was originally developed in 2020 by researchers from artificial intelligence research laboratory OpenAI. Access to it via an API only became more widely available in 2021, yet widespread use was still restricted. That changed in late November with the launch of ChatGPT, a public chatbot based on GPT-3.5 that used refinements such as supervised learning and reinforcement learning.

Generating phishing messages with GPT-3

The WithSecure researchers began their research a month before ChatGPT was released by using lex.Page, an online word processor with inbuilt GPT-3 functionality for autocomplete and other functions. Their study continued after the chatbot was released, including prompt engineering attempts to bypass the filters and restrictions that OpenAI put in place to limit the generation of harmful content.

One obvious use of such a tool can be the ease with which attackers can generate phishing messages without having to employ writers who know English, but it goes much deeper than that. In mass phishing attacks, but even in more targeted ones where the number of victims is smaller, the text or lure in the email is usually identical. This makes it easy for security vendors and even automated filters to build detection rules based on the text. Because of this, attackers know they have a limited time to hook victims before their emails are flagged as spam or malware and are blocked or removed from inboxes. With tools like ChatGPT, however, they can write a prompt and generate unlimited unique variants of the same lure message and even automate it so that each phishing email is unique.

The more complex and long a phishing message is, the more likely it is that attackers will make grammatical errors or include weird phrasing that careful readers will pick up on and become suspicious. With messages generated by ChatGPT, this line of defense that relies on user observation is easily defeated at least as far as the correctness of the text is concerned.

Detecting that a message was written by an AI model is not impossible and researchers are already working on such tools. While these might work with current models and be useful in some scenarios, such as schools detecting AI-generated essays submitted by students, it's hard to see how they can be applied for email filtering because people are already using such models to write business emails and simplify their work.

"The problem is that people will probably use these large language models to write benign content as well," WithSecure Intelligence Researcher Andy Patel tells CSO. "So, you can't detect. You can't say that something written by GPT-3 is a phishing email, right? You can only say that this is an email that was written by GPT-3. So, by introducing detection methods for AI generated written content, you're not really solving the problem of catching phishing emails."

Attackers can take it much further than writing simple phishing lures. They can generate entire email chains between different people to add credibility to their scam. Take, for example, the following prompts used by the WithSecure researchers:

"Write an email from [person1] to [person2] verifying that deliverables have been removed from a shared repository in order to conform to new GDPR regulations."

"Write a reply to the above email from [person2] to [person1] clarifying that the files have been removed. In the email, [person2] goes on to inform [person1] that a new safemail solution is being prepared to host the deliverables."

"Write a reply to the above email from [person1] to [person2] thanking them for clarifying the situation regarding the deliverables and asking them to reply with details of the new safemail system when it is available."

"Write a reply to the above email from [person2] to [person1] informing them that the new safemail system is now available and that it can be accessed at [smaddress]. In the email, [person2] informs [person1] that deliverables can now be reuploaded to the safemail system and that they should inform all stakeholders to do so." 

"Write an email from [person1] forwarding the above to [person3]. The email should inform [person3] that, after the passing of GDPR, the email's author was contractually obliged to remove deliverables in bulk, and is now asking major stakeholders to reupload some of those deliverables for future testing. Inform the recipient that [person4] is normally the one to take care of such matters, but that they are traveling. Thus the email's author was given permission to contact [person3] directly. Inform the recipient that a link to a safemail solution has already been prepared and that they should use that link to reupload the latest iteration of their supplied deliverable report. Inform [person3] that the link can be found in the email thread. Inform the recipient that the safemail link should be used for this task, since normal email is not secure. The writing style should be formal."

The chatbot generated a credible and well-written series of emails with email subjects that preserve the Re: tags, simulating an email thread that culminates with the final email to be sent to the victim — [person3].

How ChatGPT could enhance business email compromise campaigns

Impersonating multiple identities in a fake email thread to add credibility to a message is a technique that's already being used by sophisticated state-sponsored attackers as well as cybercriminal groups. For example, the technique has been used by a group tracked as TA2520, or Cosmic Lynx, that specializes in business email compromise (BEC).

In BEC scams the attackers insert themselves into existing business email threads by using compromised accounts or spoofing the participants' email addresses. The goal is to convince employees, usually from an organization's accounting or finance department, to initiate money transfers to the attacker-controlled accounts. A variation of this attack is called CEO fraud, where attackers impersonate a senior executive who is out of office and request an urgent and sensitive payment from the accounting department usually due to a situation that arose on a business trip or during a negotiation.

One obvious limitation of these attacks is that the victims might be familiar with the writing styles of the impersonated persons and be able to tell that something is not right. ChatGPT can overcome that problem, too, and is capable of "transferring" writing styles.

For example, it's easy for someone to ask ChatGPT to write a story on a particular topic in the style of a well-known author whose body of work was likely included in the bot's training data. However, as seen previously, the bot can also generate responses based on provided samples of text. The WithSecure researchers demonstrate this by providing a series of real messages between different individuals in their prompt and then instruct the bot to generate a new message using the style of those previous messages.

"Write a long and detailed email from Kel informing [person1] that they need to book an appointment with Evan regarding KPIs and Q1 goals. Include a link [link1] to an external booking system. Use the style of the text above."

One can imagine how this could be valuable to an attacker who managed to break into the email account of an employee and download all messages and email threads. Even if that employee is not a senior executive, they likely have some messages in their inbox from such an executive they could then choose to impersonate. Sophisticated BEC groups are known to lurk inside networks and read communications to understand the workflows and relationships between different individuals and departments before crafting their attack.

Generating some of these prompts requires the user to have a good understanding of English. However, another interesting finding is that ChatGPT can be instructed to write prompts for itself based on examples of previous output. The researchers call this "content transfer." For example, attackers can take an existing phishing message or a legitimate email message, provide it as input and tell the bot to: "Write a detailed prompt for GPT-3 that generates the above text. The prompt should include instructions to replicate the written style of the email." This will produce a prompt that will generate a variation of the original message while preserving the writing style.

The researchers also experimented with concepts such as social opposition, social validation, opinion transfer, and fake news to generate social media posts that discredit and harass individuals or cause brand damage to businesses, generate messages meant to legitimize scams, and generate convincing fake news articles of events that were not part of the bots training set. These are meant to show the potential for abuse even with the filters and safeguards put in place by OpenAI and the bot's limited knowledge of current events.

"Prompt engineering is an emerging field that is not fully understood," the researchers said. "As this field develops, more creative uses for large language models will emerge, including malicious ones. The experiments demonstrated here prove that large language models can be used to craft email threads suitable for spear phishing attacks, 'text deepfake' a person's writing style, apply opinion to written content, instructed to write in a certain style, and craft convincing looking fake articles, even if relevant information wasn't included in the model's training data. Thus, we have to consider such models a potential technical driver of cybercrime and attacks."

Furthermore, these language models could be combined with other tools such as text-to-speech and speech-to-text to automate other attacks such as voice phishing or account hijacking by calling customer support departments and automating the interactions. There are many examples of attacks such as SIM swapping that involve attackers tricking customer support representatives over the phone.

GPT natural language models likely to improve greatly

Patel tells CSO that this is likely just the beginning. The GPT-4 model is likely already under development and training, and it will make GPT-3 look primitive, just like GPT-3 was a huge advancement over GPT-2. While it might take some time for the API for GPT-4 to become publicly available, it's likely that researchers are already trying to replicate the weights of the model in an open-source form. The weights are the result of training such a machine learning model on what is likely exabytes of data, a time-consuming and highly expensive task. Once that training is complete, weights are what allow the model to run and produce output.

"To actually run the model, if you would have those weights, you'd need a decent set of cloud instances, and that's why those things are behind an API. What we predict is that at some point you will be able to run it on your laptop. Not in the near future, obviously. Not in the next year or two, but work will be done to make those models smaller. And I think obviously there's a large driving business for us to be able to run those models on the phone


How AI And Machine Learning Help Detect And Prevent Fraud

Founder & CEO of Workmetrics, a leader in workforce software. Doctor of Information Technology specialising in data integration and AI.

In a world that's growing more digital and interconnected by the day, fraud has taken on new dimensions, often dealing crippling blows to business. From online transactions to sensitive data protection, it's become vital to stay one step ahead of cunning fraudsters. Thankfully, we have an ace up our sleeves in the form of artificial intelligence (AI) and machine learning (ML) that are championing the fight against cybercrime and its various iterations.

AI And ML Fraud Detection

Let's start with the way AI deals with payment fraud. Merchant losses are projected to reach $38 billion in 2023, driven by credit card fraud, phishing, chargebacks and identity theft, to name a few scheming ways.

This is where anomaly detection, the first line of defense against fraud, steps in. It's a process of identifying data points that deviate from the expected patterns in a dataset, with the goal of uncovering uncommon or infrequent events that could point to a possible fraud opportunity.

Traditional rule-based systems like whitelisting or blacklisting credit cards from specific regions have limits. They can't adapt to constantly evolving fraud patterns, often supported by emerging technology. By contrast, AI and ML thrive on change as they can identify anomalies in real time by learning from the data they're fed. This data is often a list of data points collected at regular or irregular intervals, also known as time series data.

Bespoke fraud ML models are

Due to their multi-tenant architecture, these dedicated models are designed to detect and prevent fraud for each customer and industry, specifically tuned and optimized for maximum efficiency.

For instance, banks use anomaly detection to analyze transaction history, location data and user behavior in certain cases. Insurance companies employ it for analysis of claims data in order to identify potential fraudulent claims. In healthcare, anomaly detection can spot irregular billing practices, pinpoint insurance fraud and protect sensitive patient data from unauthorized access.

The Role Of NLP

Natural language processing (NLP) also plays a major role here, as it lends a helping hand in interpreting a massive amount of language-related data through word and text analysis. Basically, it "reads" a text by processing different patterns (causal, numeric, time) and assertions from a huge block of textual big data. By doing so, it uncovers typical keywords or descriptions linked to fraudulent activity.

There are specific text signals NLP can derive thanks to techniques such as word embeddings—number representations of text that encode the meaning of the words. By grouping similar words closer together and dissimilar words further apart, the machine takes context and word ordering into consideration, thus generating specific text signals that are highly useful in detecting anomalies in conversations.

As a result, NLP greatly extends the capabilities and effectiveness of machine learning.

The Deepfake Challenge

Then, there is the "most entertaining" fraud of them all: deepfakes.

Video and image generation models allow fraudsters to create convincing deepfakes, which can represent a real person in particular contexts. Fraudsters can impersonate someone trusted, such as a company executive, friend or family member, and lure unsuspecting victims into performing specific actions. These usually are transferring funds to fraudulent accounts or sharing confidential information, routinely leading to financial and/or reputational damage.

When it comes to the audio realm, the situation is perhaps even worse. Because there is only a singular aspect to emulate (how a person sounds), it's easier to replicate only their voice, inflections and all the nuances that make up that person in the ear of the beholder.

What's scary is that it doesn't take much raw data for duplication. Microsoft's text-to-speech AI model called VALL-E requires a mere three seconds to closely simulate a voice and preserve the speaker's emotional tone.

Some models require half a minute for a quality clone, which can then be used for vocal authentication, to create voice memos or all kinds of other nefarious use cases that I'm not even considering at the moment. Arguably, the worst part is the fact that some of these voice-cloning solutions are free, open-source and easily available on sites like Github.

Artificial intelligence tackles the deepfake problem through deep learning that takes anomaly detection to an entirely new level. It can process complex and high-dimensional data that is media of all kinds, and detect irregularities and intricate patterns within.

Deep learning techniques, such as convolutional neural networks (CNNs) and biometric liveness detection, ensure that technology is reading a genuine biometric source, whether it's a human face, an actual eye or a thumbprint, as opposed to a recreated image of one.

Due to this ability, deep learning algorithms can expose telltale signs that can help businesses detect deepfake fraud. For visual media, this includes variations in lighting and skin tone, twitchy and unnatural motions and millisecond out-of-sync audio-to-video movements (speech-to-lip) nuances that would likely escape human detection. In terms of audio spoofing detection, there are deep learning-powered techniques targeting subtle differences in the high frequencies between real and fake files, data augmentation methods and affective computing.

An Ongoing Battle

The reality is that fraudsters are always on the lookout for the next opportunity to slip through the cracks in the foundation. With consumer demands ever-changing at a fast pace, organizations of all sizes have to be more vigilant than ever to prevent fraud. The good news is that fraud research is a very active field that is constantly working on improving AI detection and prevention methods.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?





Comments

Post a Comment

Follow It

Popular posts from this blog

What is Generative AI? Everything You Need to Know

Image
application of artificial intelligence ppt :: Article Creator Artificial Intelligence A synthetic chief executive, a bot trained on employees' personalities, and a regular duel with ChatGPT — our listeners brought us their stories. By Kevin Roose, Casey Newton, Rachel Cohn, Whitney Jones, Jen Poyant, Alyssa Moxley, Dan Powell, Elisheba Ittoop and Rowan Niemisto Leveraging Artificial Intelligence Platforms To Increase Student Learning: One District's Journey Learning Tools Leveraging Artificial Intelligence Platforms to Increase Student Learning: One District's Journey As educators, we cannot afford to delay providing instruction on appropriate use of artificial intelligence platforms to our students. Doing so places them at a significant disadvantage as they enter college and/or the workforce. By Alan Meinster 05/08/24 With the relatively recent evolution of, and exponentially increasing access to, generative artificial intellig...
Read more

Top Generative AI Tools 2024

Image
natural language generation python :: Article Creator Technique Improves The Reasoning Capabilities Of Large Language Models CAMBRIDGE, MA - Large language models like those that power ChatGPT have shown impressive performance on tasks like drafting legal briefs, analyzing the sentiment of customer reviews, or translating documents into different languages. These machine-learning models typically use only natural language to process information and answer queries, which can make it difficult for them to perform tasks that require numerical or symbolic reasoning. For instance, a large language model might be able to memorize and recite a list of recent U.S. Presidents and their birthdays, but that same model could fail if asked the question "Which U.S. Presidents elected after 1950 were born on a Wednesday?" (The answer is Jimmy Carter.) Researchers from MIT and elsewhere have proposed a new technique that enables large language model...
Read more

60 Growing AI Companies & Startups (2025)

Image
new technology :: Article Creator Business Tech News: OpenAI Releases Its Latest And Greatest Version Of ChatGPT TOKYO, JAPAN - FEBRUARY 3: Open AI CEO Sam Altman speaks during a talk session with SoftBank Group CEO Masayoshi Son at an event titled "Transforming Business through AI" in Tokyo, Japan, on February 03, 2025. SoftBank and OpenAI announced that they have agreed a partnership to set up a joint venture for artificial intelligence services in Japan today. (Photo by Tomohiro Ohsumi/Getty Images) Getty Images Here are five things in tech that happened this week and how they affect your business. Did you miss them? This Week in Business Tech News Business Technology News #1– ChatGPT-5 is here. GPT-5, launched this week, is OpenAI's flagship model now powering ChatGPT, the API, and Microsoft Copilot. It represents a unified system that dynamically adapts its reasoning power to tasks like coding ("vibe codin...
Read more