Security News > 2023 > March > Humans are still better at creating phishing emails than AI — for now

Amid all of the buzz around ChatGPT and other artificial intelligence apps, cybercriminals have already started using AI to generate phishing emails.

In the end, human-generated phishing mails caught more victims than did those created by ChatGPT. Specifically, the rate in which users fell for the human-generated messages was 4.2%, while the rate for the AI-generated ones was 2.9%. That means the human social engineers outperformed ChatGPT by around 69%. One positive outcome from the study is that security training can prove effective at thwarting phishing attacks.

Germany: 2.3% were tricked by humans, while 1.9% were tricked by AI. Sweden: 6.1% were deceived by humans, with 4.1% deceived by AI. Current cybersecurity defenses can still cover AI phishing attacks.

Though phishing emails created by humans were more convincing than those from AI, this outcome is fluid, especially as ChatGPT and other AI models improve.

On the plus side, protecting your organization from phishing emails and other threats requires the same defenses and coordination whether the attacks are created by humans or by AI. "ChatGPT allows criminals to launch perfectly worded phishing campaigns at scale, and while that removes a key indicator of a phishing attack - bad grammar - other indicators are readily observable to the trained eye," said Hoxhunt CEO and co-founder Mika Aalto.

For now, phishing emails generated by AI are written in a formal and stilted manner.

News URL

https://www.techrepublic.com/article/phishing-emails-humans-better-creating-than-ai/