Security News > 2023 > October > Humans are still better than AI at crafting phishing emails, but for how long?

Humans are still better at crafting phishing emails compared to AI, but not by far and likely not for long, according to research conducted by IBM X-Force Red.

Creating phishing emails: Humans vs. AI. The researchers wanted to see whether ChatGPT is as capable of writing a "Good" phishing email as attackers are.

"As someone who writes phishing emails for a living, I was excited to find out the answer," said Stephanie Carruthers, Chief People Hacker for IBM X-Force Red.

Concurrently, X-Force Red social engineers crafted their own phishing email, after using OSINT techniques to gather information that would help them choose the sender to impersonate and decide on the lure.

"Armed with creativity, and a dash of psychology, these social engineers created phishing emails that resonated with their targets on a personal level. The human element added an air of authenticity that's often hard to replicate," Carruthers concluded.

"Humans may have narrowly won this match, but AI is constantly improving. As technology advances, we can only expect AI to become more sophisticated and potentially even outperform humans one day. As we know, attackers are constantly adapting and innovating. Just this year we've seen scammers increasingly use voice clones generated by AI to trick people into sending money, gift cards or divulge sensitive information."

News URL

https://www.helpnetsecurity.com/2023/10/26/humans-ai-phishing-emails/