We’ve noticed a surge in highly personalized phishing emails that don't have the typical "bad grammar" red flags, likely created using LLMs. These are bypassing our current Secure Email Gateway (SEG). What advanced behavioral analysis tools or employee training techniques are you using to spot these sophisticated social engineering attacks?
3 answers
Since AI can write perfect prose, we’ve shifted our focus from "content filtering" to "intent and metadata analysis." We now use AI-driven security platforms that analyze the communication baseline of every employee. If an email from the "CFO" arrives with an unusual sense of urgency or requests a wire transfer to a new account, the system flags it as anomalous, even if the language is perfect. For training, we run simulations using the same AI tools hackers use. This helps our team understand that "perfect English" no longer guarantees that an email is safe.
Does your current setup include DMARC and DKIM enforcement to prevent domain spoofing, or are the attackers mostly using "look-alike" domains?
The "human firewall" is still your best bet. We encourage a "call to confirm" policy for any financial transaction, regardless of how official the email looks.
I agree with Barbara. Technology can only go so far; a quick 30-second phone call can save a company millions of dollars in potential wire fraud losses.
Mark, we have DMARC at 'reject', but attackers are getting clever with 'homoglyph' attacks—using characters from other alphabets that look identical to ours. To answer you: we had to implement a browser extension that highlights when a domain name is using non-standard characters to trick the eye.