Perception Point Launches AI Model to Combat Generative AI-Based BEC Attacks

perception point, an internet security platform, unveiled its latest innovation to counter the rising tide of AI-generated email threats. The company’s new detection technology leverages AI-powered large language models (LLMs) and deep learning architecture to identify and thwart Business Email Compromise (BEC) attacks facilitated by generative AI technologies.

Criminals are leveraging generative AI technology to launch sophisticated, precisely targeted attacks against organizations of all sizes. The technology has emerged as a new powerful tool for cybercrime, especially in social engineering and BEC attacks, as it enables the creation of high-quality, personalized emails that resemble human output.

According to Verizon’s recent data breach investigation report, more than 50% of social engineering incidents can be attributed to BEC. Perception point annual report 2023 also reveals an 83% increase in BEC attempts.

To counter this escalating threat, the company has developed an innovative detection model based on LLMs, which uses transformers – AI models capable of understanding the semantic context of the text, similar to well-known LLMs such as OpenAI’s ChatGPT and Google’s Bard.

The solution can therefore identify different patterns in LLM-generated text, a critical factor in detecting and thwarting gene AI-based threats.

Beyond outdated security solutions

Perception Point claims that conventional security vendors often fail to achieve the required level of detection accuracy through contextual and behavioral analysis.

The company says that while advanced email security systems use contextual and behavioral detection, they still struggle to identify the new, enhanced attacks enabled by generative AI. This is because these attacks bypass the typical patterns that the detection methods were originally designed to recognize.

In addition, the company claims that solutions currently available in the market rely solely on post-delivery detection. That means the malicious email can remain in the user’s inbox for a long time before being deleted.

“Legacy email security solutions that rely on signatures and reputation analysis struggle to stop even the most basic BEC attacks without a payload,” Tal Zamir, CTO of Perception Point, told VentureBeat. “The main strength of our new model lies in recognizing the repetition of recognizable patterns in LLM-generated text. The model uses a unique three-phase architecture that detects BEC with the highest detection rates and minimizes false positives.”

Zamir said the solution’s difference lies in the comprehensive scanning of all emails, quarantining those identified as malicious before reaching the user’s inbox. He explained that this proactive approach eliminates the risks and potential harm associated with detection-based methods that rely on identifying and addressing threats once they have entered the system.

In addition, the solution includes a managed incident response service, relieving customer SOC teams of the responsibility of responding quickly to incidents and deploying new algorithms in real time to counter new and emerging threats.

Perception Point claims that its model shows exceptional speed when processing incoming emails, with an average time of 0.06 seconds. The model was initially trained on hundreds of thousands of malicious samples captured by the company and is constantly updated with new data to optimize its effectiveness.

Leverage generative AI to minimize email-based attacks

Perception Point’s Zamir said the new attacks include cybercriminals misusing fake emails to impersonate trusted organizations. Using social engineering techniques, the attackers trick employees into transferring large sums of money or revealing confidential information.

“Attackers are taking advantage of the fact that employees in the modern enterprise are the weakest link in the organization when it comes to security,” Zamir told VentureBeat. “They use BEC text-based attacks, which normally do not have malicious payloads such as URLs or malicious files, bypassing traditional email security systems and getting into users’ inboxes.”

He further stated that the rise of generative AI, especially LLMs, has boosted impersonation, phishing and BEC attacks. These advancements enable cybercriminals to operate faster and more scalable than ever before.

“Tasks that once took a lot of time and effort, such as target research, reconnaissance, copywriting and design, can now be completed in minutes using carefully crafted prompts,” said Zamir. “This amplifies the threat by expanding the pool of potential victims and greatly increasing the chances of successful attacks.”

To reduce false positives arising from the extensive use of generative AI for legitimate emails, Perception Point uses a distinctive three-stage architecture in its model.

After an initial scoring process, the model uses transformers and clustering algorithms to categorize email content. By integrating insights from these stages with additional data, such as sender reputation and authentication protocol information, the model predicts whether an email is generated by AI and determines whether it poses a potential threat.

“Our model dynamically scans every email, including the embedded URLs and files, with a proprietary HAP (Hardware Assisted Platform) detection layer. This is our proprietary next-gen sandbox that dynamically scans content at the CPU/memory level,” said Zamir.

What’s next for Perception Point?

Zamir said his company wants to develop AI capabilities to sift through massive amounts of data, identify potential threats and provide actionable intelligence to customers.

He stressed that the integration of generative AI bots into collaboration apps such as Slack or Teams, browsers such as Edge and cloud storage services such as Google Drive or OneDrive has created new opportunities for potential attacks.

“Perception Point recognizes these emerging threats and we are developing AI security solutions designed to prevent, detect and respond to the ever-increasing complexity of the threat landscape,” said Zamir. “We will continue to ensure that our customers can harness the power of generative AI without compromising their security posture.”