Social engineering attacks leveraging hand-crafted emails are on the rise, and are causing at least $12.5 billion dollars in damage per year. Custom authored and often incorporating background research on their targets, they pose a significant challenge for traditional signature and ML detection technologies, as an individual targeted email may not share word sequences or word choices with previously seen attacks, and may appear different in only subtle ways from benign messages.
To attack this problem, we’ve built a neural network model that’s been trained on billions of words of benign text so as to “learn” a sophisticated representation of the syntax and semantics of natural language. This allows the network to pick up on the subtleties of email topic, tone, and style. We then fine-tune the network to detect phishing attacks in a “generic” way, based on these abstract semantics, such that our detector accurately detects new, targeted phishing attacks accurately.