Hackers of India

Wire Me Through Machine Learning

By Ankit Singh, Vijay Thaware on 26 Jul 2017 @ Blackhat



Abstract

In this world of technology, where communication through email plays an important role, vicious threats also follow. One of the most beautifully crafted email threats, commonly known as the Business email compromise (BEC) scam or CEO fraud, has shown its impact on more than 400 organizations, resulting in a loss of over US $3 billion. The Business email compromise (BEC) scam, also known as whaling, is a targeted attack sent to higher-level management, specifically to C-level executives, masquerading as an email communication from a CEO to a CFO. These emails are designed in a way that they have the power to influence the target to perform financial transactions such as wire transfers on short notice. These attacks are successfully carried out by first building the trust of the target.

This paper will throw light on one of the most important tactics used by attacker(s) to design and execute a BEC attack through machine learning. BEC attacks are highly targeted attacks and involve a high level of research through skillful social engineering. Attackers have access to more than enough data through the social media accounts of high-level executives or financially responsible members of the target organization, official websites, news, current affairs, travel plans, data breaches and insider(s). All this vital information can be used to build and train machine learning algorithms.

In this talk, we shall provide a demo on how an attacker’s machine learning model can train itself with the help of the information provided to it as a feed to execute a successful attack. After data collection, feature extraction and selection are performed. Tools to perform complex data analysis are readily available. By applying regression algorithms to predict values or by using clustering algorithms to expose structure in data sets, the attacker can systematically plan for the next phase. After implementation of the algorithms, the attacker can train the machine to predict the output and check the working of the model. Thus, in the final phase, the attacker instructs the machine to launch an attack by skillfully crafting emails with spoofed header fields. These emails are able to bypass the anti-spam filter as they highly resemble legitimate emails. We expect these methods to be used like “Target Accession as a Service” in 2017. We will also talk about mitigation steps that can be achieved with the help of machine learning.

AI Generated Summary (may contain errors)


The speaker presented a proof-of-concept (POC) demonstration on using machine learning to predict whether a social media profile can be hijacked or not. The model was trained using an SVM algorithm and achieved an accuracy of 83.3%, AUC of 0.95, precision of 93.64%, and recall of 81%.

The speaker explained that the model is still in its experimental phase and can be improved with better data. They also discussed how attackers can use social media profiles to gather information and launch targeted attacks.

Some potential use cases for this technology include:

The speaker emphasized the importance of being suspicious when responding to emails and warned that anti-spam filters are not effective against scams. They concluded by stating that machine learning can be used for offensive purposes, such as target profiling and finding high-value targets.