Enhanced Spear Phishing Detection Comes to Vade for M365

Adrien Gendre

February 01, 2024

3 min read

Spear phishing classifier -blog-image

This week, Vade announced enhancements to its spear-phishing detection engine. The update improves the confidence of email filtering and marks a significant step in stopping the cyberthreat that cost businesses $2.7 billion (USD) globally in 2022—the most of any attack method. Yet the change is also an important milestone for other reasons. Vade is now leveraging generative AI to make our spear-phishing algorithms more effective at stopping threats produced by the technology and human sources.

But how does the update affect our clients? In this post, we detail what the change means and how it benefits Vade customers.

What is a spear phishing attack?

Spear phishing is a top threat for organizations of all sizes and industries. Highly effective, the targeted email threat uses social engineering techniques and extensive research on an intended victim to manipulate them into making a mistake—such as wiring funds to a fraudulent account or paying a scam invoice.

While every spear phishing threat presents unique qualities, they often fit into at least one classification. CEO Fraud, payroll fraud, W2 fraud, and banking fraud are some common examples. The prevalence and menace of each classification tends to vary by time of year and geography. W2 fraud, for example, surges in the US during tax season. In most parts of the world, gift card scams spike during the holidays when demand reaches its peak.

 

Infographic - Spear phishing classifiers EN

 

Unlike other threats, spear phishing attacks lack the typical signs of malice found in other threats. Instead of malicious links or attachments, spear phishing emails feature seemingly harmless requests that—despite appearances—pose significant risks.

 
Spear-phishing detection – Spear-phishing email detected by Vade

Spear-phishing email detected by Vade

That makes spear phishing threats more challenging to detect—both through technological and human means. It also explains why this unique threat is especially popular among cybercriminals and continues to increase in terms of victim count and cost.

If that wasn’t enough, a new variable is making it more challenging to detect spear-phishing threats: generative AI. While classic spear phishing threats often contain grammatical and spelling errors, generative AI has erased those warning signs. Today, foreign hackers can produce error-free messages in any language—and in seconds. It’s not surprising that our analysts have observed a significant increase in the quality of spear phishing threats since generative AI platforms became mainstream.

As a result, spear phishing threats are harder to detect and more evasive than ever before. That should be pushing email security solutions and vendors to do more to protect their clients.

The challenges of spear phishing detection

Detecting spear phishing attacks calls for finding the middle ground between false positives and false negatives. False positives are the legitimate emails that should end up in a user’s inbox but get wrongly filtered out. False negatives are the malicious emails that should never reach a user’s inbox but unfortunately do.

Both are opposing, yet highly undesirable outcomes. And that’s where the concept of detection confidence comes into play. Confidence allows email security vendors to find the optimal balance between both adverse outcomes. The more confidence you have, the fewer false positives you get.

Vade’s spear phishing detection enhancement

Vade has long pioneered a sophisticated approach to spear phishing detection. We leverage an intelligent AI engine that uses Natural Language Processing, a sophisticated AI model that can detect abusive patterns, phrasing, and word choice found in spear phishing attacks. Our spear-phishing detection engine learns from a continuous feed of threats from across the globe, and they come from user reports, email traffic from more than 1.4 billion protected mailboxes, and the efforts of our cybersecurity analysts.

In the past, our spear-phishing engine trained on threats produced by hackers. Yet recently we’ve made important changes to how we do things. We’ve pioneered a new method that trains our algorithms on a combination of threat samples produced by generative AI and human sources. This ensures that we can continue to protect our partners and clients—even as hackers leverage generative AI technology to carry out attacks.

We’ve long recognized the importance of generative AI as a cybersecurity solution—not just a threat. Now, we’re putting those beliefs into action.

And the results are worth noting. We have confirmed that our newest upgrade increases the confidence of our detection across seven different spear-phishing classifiers, or categories. In the US, the classifiers of W2 fraud and banking fraud account for the largest increases at 50% and 30%, respectively. In the EU, the biggest improvements belong to CEO fraud, banking fraud, and payroll fraud.

Advanced spear phishing detection for next-generation threats

Spear phishing is a $2.7 billion (USD) annual problem that isn’t going away anytime soon.

In fact, it may be poised to get much worse.

As hackers develop new techniques and double down on reliable methods, organizations need more from their email security solution and vendor to protect their most prized asset: business continuity.

Vade for M365 offers you a modern solution. Powered by AI, enhanced by people, and now leveraging generative AI, our email security suite for Microsoft 365 provides advanced protection against today’s most elusive emerging threats.

And the best news? The latest enhancement to our spear-phishing detection is already live, meaning your business can benefit from it today.

Request a demo of Vade for M365