top of page
cyber hacker beagle thinking.jpg
Search

Where is AI Waldo!? Spotting The AI Phishing Email


With the rise of AI, phishing techniques have evolved significantly, leading to more sophisticated and harder-to-detect attempts.


These emerging phishing characteristics bring new levels of complexity and can easily be overlooked. In the past, we were taught to look for poor spelling or emails requesting sensitive information. However, as part of Cyber Security Awareness Month, Cyber Speak Labs is shedding light on these newer, more sophisticated phishing traits:


  1. Perfect Grammar Surprisingly, an email with flawless grammar can now be a phishing red flag. With AI tools like Generative AI (GenAI) helping people with everyday tasks—such as crafting emails, writing social media posts, and even blogs—phishers are also using it to produce well-written content.

    Be cautious of emails that seem "too perfect," especially when combined with suspicious context or coming from an unfamiliar sender. The polished language might mask fraudulent intent.

  2. Lack of Personalization Personalization goes beyond emojis or friendly greetings. AI-generated phishing emails often attempt to use social engineering, presenting themselves as a salesperson or professional contact.

    However, current AI-generated messages struggle with personalization. Instead, they rely on vague, generic greetings like "Dear valued customer" or "Dear Sir/Madam."

    Genuine sales or business emails usually include personal touches like "I noticed your recent work with X company" or "It was great meeting you at the conference." If you don't recall any previous interaction with the sender, it's best not to engage.

  3. Inconsistent Tone or Delivery One of the challenges with AI-generated content is maintaining a consistent tone throughout the message. You might notice abrupt sentence endings or a neutral tone that feels impersonal or cold to the reader. This lack of consistency stems from AI's struggle to adapt to context and personalization.



Below, is a GenAI email that was generated by CyberSpeak Labs that highlight these potential phishing attributes:



By keeping an eye out for these characteristics, you can stay ahead of emerging phishing tactics in the age of AI. Stay vigilant, and remember—if something feels off, it's always better to double-check before engaging with an email.


Contents were edited and information provided by ChatGPT.



Comments

bottom of page