Phishing attacks have been causing havoc for many years, and they are an increasing concern around the world. Where earlier there were only phishing email scams, we now see a massive uptick in the frequency of internal and lateral phishing attacks. As per Verizon’s 2020 Data Breach Investigations Report (DBIR), 22 percent of breaches in 2019 involved phishing. Meanwhile, according to APWG’s Phishing Activity Trends Report for Q1 2020, phishing attacks rose in prevalence to a level that hasn’t been observed since 2016, with over 60,000 phishing sites being reported in March alone. While the main cause is users’ lack of awareness, security defenders must take precautions to keep users from encountering these harmful sites. At present, researchers are experimenting with machine learning to find new ways to detect, mitigate, and prevent future attacks and scams.
Last year, Data Science Institute member Asaf Cidon developed a prototype of a machine-learning-based detector that automatically detects and stops lateral phishing attacks. This detector relies on several features to stop attacks, including whether the recipient deviates from the people an employee would usually communicate with, whether the email’s text is similar to other known phishing attacks, and whether the link is anomalous. It can detect the vast majority of phishing attacks (especially the lateral attacks) with a high precision rate and a low false-positive rate – under four false positives for every one million employee-sent emails.
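The three signals named above can be sketched as a small feature extractor. This is an added illustration, not Cidon's prototype: the sample mail, addresses, function names and the fixed two-of-three rule are constructed assumptions, and a machine-learning detector would learn the decision from labelled mail instead of using that rule.

```python
import re
from collections import Counter
from urllib.parse import urlparse

# Constructed history of internal mail: (sender, recipient, url or None).
HISTORY = [
    ("alice@corp.example", "bob@corp.example", "https://wiki.corp.example/page"),
    ("alice@corp.example", "carol@corp.example", "https://wiki.corp.example/faq"),
    ("alice@corp.example", "bob@corp.example", None),
]
# Constructed example of a previously seen phishing text.
KNOWN_PHISH = ["verify your password now or your account will be suspended"]

def tokens(text):
    return set(re.findall(r"[a-z']+", text.lower()))

def recipient_deviation(sender, recipients, history):
    """Fraction of recipients this sender has never mailed before."""
    seen = {r for s, r, _ in history if s == sender}
    return sum(r not in seen for r in recipients) / len(recipients)

def text_similarity(body, known):
    """Highest Jaccard overlap between the body and any known phishing text."""
    t = tokens(body)
    return max(len(t & tokens(k)) / len(t | tokens(k)) for k in known)

def link_anomaly(url, history):
    """1.0 for a host never seen in past mail, falling as the host gets common."""
    counts = Counter(urlparse(u).hostname for _, _, u in history if u)
    return 1.0 / (1 + counts[urlparse(url).hostname])

def features(email, history=HISTORY, known=KNOWN_PHISH):
    return (recipient_deviation(email["from"], email["to"], history),
            text_similarity(email["body"], known),
            link_anomaly(email["url"], history))

def is_suspicious(email):
    # Hypothetical rule standing in for a trained classifier:
    # flag when at least two of the three features reach 0.5.
    return sum(v >= 0.5 for v in features(email)) >= 2

NORMAL = {"from": "alice@corp.example", "to": ["bob@corp.example"],
          "body": "Notes from the meeting are on the wiki",
          "url": "https://wiki.corp.example/notes"}
LATERAL = {"from": "alice@corp.example",
           "to": ["dave@corp.example", "erin@corp.example", "bob@corp.example"],
           "body": "Your account will be suspended, verify your password now",
           "url": "https://login.example.net/reset"}

if __name__ == "__main__":
    for name, mail in (("normal", NORMAL), ("lateral", LATERAL)):
        print(name, features(mail), is_suspicious(mail))
```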
EdgeWave has also devised a multi-layered email security platform that offers pre- and post-delivery security and incident response. This automated anti-phishing platform uses machine learning and the intelligence gained from human review to quickly analyze and resolve emails that might pose a phishing threat. This approach dramatically reduces advanced, targeted attacks, while also significantly lowering the time and money spent by IT. Even Google is using machine learning to thwart the rising number of phishing attacks. These machine learning models are trained to understand and filter phishing threats. Google reports that these models have successfully blocked more than 99.9% of spam, phishing, and malware from reaching Gmail users.
While these success stories have been encouraging, much work needs to be done to strengthen existing systems against such malicious attacks. For instance, supervised machine learning algorithms must be developed to such an extent that they can detect threats in real time even when a device is offline. Additionally, these machine learning algorithms should be cloud-based so that they can access and analyze millions of data points. This will enable them to keep learning new patterns of potential phishing breaches. In the future, machine learning algorithms can help strengthen the security of every mobile device, making them suitable as employees’ IDs and alleviating the need for easily hackable passwords.