Bad actors using AI to target businesses via business email compromise (BEC)

Once a trusted email source has been compromised bad actors can insert themselves into a conversation attempting to deceive the target into believing that the communication is coming from a legitimate source, such as a colleague, a partner or a bank. Business email compromise (BEC) can result in serious consequences for the target, such as losing money or exposing confidential data.

Today, BEC is becoming more advanced and realistic, thanks to the use of artificial intelligence (AI) by cyber criminals. AI can help them create convincing and customized emails, texts, and calls, using natural language generation and speech synthesis. These technologies can mimic the style and tone of the genuine sender or caller and adapt to the context and situation of the target.

AI can also help cyber criminals automate and scale their malicious campaigns, by mining large amounts of data and finding the most attractive and vulnerable targets. For instance, AI can crawl social media profiles, company websites, and public records to collect information about the target’s hobbies, preferences, behaviors, and connections. This information can then be used to design persuasive and relevant messages that can lure the target into taking the desired action, such as opening a link, downloading a file or sending money.

To combat the threat of AI-enabled BEC, businesses may want to consider leveraging AI-based solutions that can identify and block such attacks. AI can help businesses analyze the content and context of incoming communications and alert any suspicious or abnormal elements. AI can also help businesses verify the identity and validity of the sender or caller, by using biometric or behavioral features, such as voice, face or typing patterns.

Furthermore, businesses should educate and train their employees on how to spot and avoid BEC attacks, and how to report any suspected incidents. Organizations should also implement robust security policies and procedures, such as using encryption, multi-factor authentication and backup systems, to protect their data and assets from unauthorized access or theft.