By EWN • Published: 28 Jun 2022 • 11:00
Phishing attacks continued their dramatic rise and became the most prevalent threat in the U.S. in 2020. According to the FBI’s Internet Crime Complaint Center (IC3) report, the number of victims of various phishing attempts reached 241,342. These data breaches cause the loss of credentials as opposed to the installation of malware.
Detecting phishing through their AI detection systems has become essential for platforms and providers. Read on to find out how VISUA uses Visual-AI (also known as Computer Vision) to flag potentially high-risk elements for prioritized deeper analysis.
There are various forms of phishing, but most attempts come through emails. However, these socially engineered messages can also come through other communications platforms, including messaging, conferencing, SMS, and cloud-based sharing platforms.
Unfortunately, the chances of employees clicking on phishing email links remain high; all indications are that 20% of them will, with about 13.4% submitting sensitive information to the malicious link.
Phishing attacks have become more convincing to the human eye because they include graphical attack vectors (tricking systems) that make users think they are legitimate. In other words, the scammers use visual elements to hide basics that will make it harder to detect phishing emails.
The most obvious method to confuse users include using the company logo in the message sent. The logo appears in an email, webpage, or social media post. Scammers know that detection systems will look for current logos, so, sometimes the scammers use an older or modified version that can confuse some less capable detection/computer vision solutions.
Scammers also include authoritative icons like the padlock, SSL Secure, or Certified Partner logos to convince their victims that the communication is authentic and safe.
Other ways they use to deceive recipients into trusting their webpages and emails include the use of branding favicons and other elements that are pixel-perfect.
These bad actors use several conversion techniques to evade detection by converting keywords, images, and URLs to graphics. Moreover, they know that detection programs use basic computer vision to detect them, so they break up graphics into several smaller parts, which they reassemble when the page is rendered, to hide them from detection.
They also use programmatic obfuscation techniques like saturation, padding keywords, short-life URLs, and IP-based substitutions to find system gaps.
Copyright: VISUA
The remote and hybrid work models across workforces have contributed to the increased phishing statistics. As a result, platforms and providers need the ability to detect the undetectable so they can render phishing to the same level as a spam email.
VISUA’s vision of improved cyber security and cyber safety remains the trusted solution for several leading platforms and marketplaces, including eBay, Mimecast, GearLanch, and Red Points.
Unfortunately, one of the chief problems with the technologies for detecting and blocking phishing content is that the bad players use sophisticated technologies of their own to evade detection.
VISUA’s solution uses Visual-AI to scan emails and web pages visually rather than programmatically. Therefore, the technology doesn’t rely on code or fingerprints but instead looks at them, as a human would, but at machine speed to instantly flag high-risk elements for further investigation.
Visual-AI by VISUA works in harmony with other existing AI-based detection methods. It is an early warning system that instantly analyzes and detects all the visual signals based on a proprietary technological stack driven to make accurate decisions.
VISUA’s phishing prevention and detection with computer vision use unique analysis to exploit the critical flaws of attacks. It does this by capturing a flattened page image and sending it for visual processing.
Identifying the visual signals relies on the rules and requirements set by each platform. The system matches the page to other good and bad versions to match flaws, making for easier detection.
The consequences of any breach from a phishing attack include loss of revenue to the company and its customers, user downtime, reputational damage, and compliance fines, among others.
Current phishing trends indicate that these attacks are becoming more successful, leading to the need for a more technological and multi-layered approach. VISUA makes it easy for anyone to integrate their comprehensive API for speedier and more effective phishing security solutions across all platforms.
Visual-AI works together with traditional program analysis to ensure a powerful addition to the cybersecurity of any platform or provider.
Share this story
Subscribe to our Euro Weekly News alerts to get the latest stories into your inbox!
By signing up, you will create a Euro Weekly News account if you don't already have one. Review our Privacy Policy for more information about our privacy practices.
By signing up, you will create a Euro Weekly News account if you don’t already have one. Review our Privacy Policy for more information about our privacy practices.
Download our media pack in either English or Spanish.