'Conversation Overflow' Cyberattacks Bypass AI Security to Target Execs'Conversation Overflow' Cyberattacks Bypass AI Security to Target Execs
Credential-stealing emails are getting past artificial intelligence's "known good" email security controls by cloaking malicious payloads within seemingly benign emails. The tactic poses a significant threat to enterprise networks.
A novel cyberattack method dubbed "Conversation Overflow" has surfaced, attempting to get credential-harvesting phishing emails past artificial intelligence (AI)- and machine learning (ML)-enabled security platforms.
The emails can escape AI/ML algorithms' threat detection through use of hidden text designed to mimic legitimate communication, according to SlashNext threat researchers, who released an analysis on the tactic today. They noted that it's being used in a spate of attacks in what appears to be a test-driving exercise on the part of the bad actors, to probe for ways to get around advanced cyber defenses.
As opposed to traditional security controls, which rely on detecting "known bad" signatures, AI/ML algorithms rely on identifying deviations from "known good" communication.
So, the attack works like this: cybercriminals craft emails with two distinct parts; a visible section prompting the recipient to click a link or send information, and a concealed portion containing benign text intended to deceive AI/ML algorithms by mimicking "known good" communication.
About the Author
You May Also Like