Perception Point launches AI model to combat generative AI-based BEC attacks

Perception Point, an internet security platform, unveiled its latest innovation to counter the rising tide of AI-generated email threats. The company’s new detection technology uses AI-powered large language models (LLM) and deep learning architecture to identify and counter business email compromise (BEC) attacks facilitated by generative AI technology.

Criminals are leveraging generative AI technology to carry out sophisticated, precisely targeted attacks against organizations of all sizes. The technology has emerged as a potent new tool for cybercrime, particularly in social engineering and BEC attacks, as it enables the creation of high-quality, personalized emails that resemble human production.

According to Verizon’s latest data breach investigation report, over 50% of social engineering incidents can be attributed to BEC. Perception Point’s 2023 Annual Report also reveals an 83% increase in BEC attempts.

To address this escalating threat, the company has developed an innovative detection model based on LLMs, which uses transformers – AI models that can understand the semantic context of text, similar to well-known LLMs such as OpenAI’s ChatGPT and Google’s Bard.

The solution can therefore identify distinct patterns in LLM-generated text, a critical factor in detecting and countering AI-based threats.

In addition to older security solutions

Perception Point argues that conventional security vendors often fail to achieve the required level of detection accuracy through contextual and behavioral analysis.

The company states that while advanced email security systems use contextual and behavioral identification, they still struggle to identify the newly improved attacks facilitated by generative AI. This is because these attacks bypass the typical patterns that the detection methods were originally designed to recognize.

Additionally, the company claims that solutions currently on the market rely solely on post-shipment detection. This means that the malicious email can sit in the user’s inbox for a longer period of time before it is deleted.

“Legacy email security solutions that rely on signatures and reputation analysis struggle to stop even the most basic payload-free BEC attacks,” Tal Zamir, CTO of Perception Point, told VentureBeat. “The main strength of our new model lies in recognizing the repetition of identifiable patterns in LLM-generated text. The model uses a unique three-phase architecture that detects BECs with the highest detection rates and minimizes false positives.”

Zamir said the solution’s difference lies in its extensive scanning of all emails, quarantining those identified as malicious before they reach the user’s inbox. He explained that this proactive approach eliminates the risks and potential damage associated with detection-based approaches that rely on identifying and remediating threats once they have infiltrated the system.

In addition, the solution includes a managed incident response service, freeing customers’ SOC teams from the responsibility of quickly responding to incidents and implementing new algorithms in real-time to counter new and emerging threats.

Perception Point claims that its model exhibits exceptional speed in processing incoming emails, with an average time of 0.06 seconds. The model was initially trained on hundreds of thousands of malicious samples captured by the company and is continuously updated with new data to optimize its effectiveness.

Leverage generative AI to minimize email-based attacks

Perception Point’s Zamir said the new attacks include cybercriminals exploiting fake emails to impersonate trusted organizations. Using social engineering techniques, the attackers trick employees into transferring large sums of money or revealing confidential data.

“Attackers are taking advantage of the fact that in the modern enterprise, employees are the weakest link in the organization when it comes to security,” Zamir told VentureBeat. “They exploit BEC text-based attacks, which typically do not have malicious payloads such as URLs or malicious files, thereby bypassing traditional email security systems that enter users’ inboxes.”

He further noted that the rise of generative AI, especially LLMs, has given a boost to impersonation, phishing and BEC attacks. This advancement enables cybercriminals to operate at greater speed and scale than ever before.

“Tasks that once required a lot of time and effort, such as target research, prospecting, copywriting and design, can now be accomplished in minutes using carefully crafted calls to action,” Zamir said. “This amplifies the threat by expanding the pool of potential victims and significantly increasing the chances of successful attacks.”

To reduce false positives arising from the extensive use of generative AI for legitimate emails, Perception Point uses a distinct three-phase architecture in its model.

After an initial scoring process, the model uses transformers and clustering algorithms to categorize email content. By integrating insights from these stages with complementary data, such as sender reputation and authentication protocol information, the model predicts whether an email is AI-generated and determines whether it poses a potential threat.

“Our model dynamically scans each email, including the embedded URLs and files, using a patented HAP (Hardware Assisted Platform) layer. This is our proprietary next-generation sandbox that dynamically scans content at the CPU/memory level,” said Zamir.

What’s next for Perception Point?

Zamir said his company aims to develop AI capabilities to sift through large amounts of data, identify potential threats and provide customers with actionable intelligence.

He emphasized that the integration of generative AI bots into collaboration apps like Slack or Teams, browsers like Edge and cloud storage services like Google Drive or OneDrive have created new avenues for potential attacks.

“Perception Point recognizes these emerging threats, and we develop AI security solutions designed to prevent, detect and respond to the ever-increasing complexity of the threat landscape,” Zamir said. “We will continue to ensure our customers can harness the power of generative AI without compromising their security posture.”