New Phishing Campaign Uses AI Tools to Evade Detection



Microsoft warns that a recent phishing campaign used AI technology to obfuscate its payload and evade security filters.

“Appearing to be aided by a large language model (LLM), the activity obfuscated its behavior within an SVG file, leveraging business terminology and a synthetic structure to disguise its malicious intent,” the researchers write.

“In analyzing the malicious file, Microsoft Security Copilot assessed that the code was ‘not something a human would typically write from scratch due to its complexity, verbosity, and lack of practical utility.’”

The attackers used a compromised small business email account to send the phishing emails, which posed as file-sharing notifications. If a user opened the attached file, they would be redirected to a webpage designed to steal their credentials.

Microsoft notes, “The attackers employed a self-addressed email tactic, where the sender and recipient addresses matched, and actual targets were hidden in the BCC field, which is done to attempt to bypass basic detection heuristics.”
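A mail-triage check for the delivery pattern described above (sender equal to the visible recipient, the real recipient present only in BCC, an SVG attachment), added here as an example and not code from Microsoft or KnowBe4. The function names, the `envelope_rcpt` argument (assumed to come from the mail gateway's SMTP log) and the sample message are constructed for illustration.

```python
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import getaddresses


def addresses(msg, *headers):
    """Lower-cased addresses found in the named headers."""
    values = [str(v) for h in headers for v in msg.get_all(h, [])]
    return {addr.lower() for _, addr in getaddresses(values) if addr}


def svg_attachments(msg):
    """Filenames of attachments that are SVG by MIME type or extension."""
    hits = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if part.get_content_type() == "image/svg+xml" or name.lower().endswith(".svg"):
            hits.append(name)
    return hits


def triage(raw, envelope_rcpt):
    """Return the signals present; envelope_rcpt is the SMTP RCPT TO value
    as logged by the mail gateway (assumed to be available)."""
    msg = message_from_string(raw, policy=policy.default)
    sender, to = addresses(msg, "From"), addresses(msg, "To")
    findings = []
    if sender and sender == to:
        findings.append("self-addressed")
    if envelope_rcpt.lower() not in to | addresses(msg, "Cc"):
        findings.append("recipient-only-in-bcc")
    if svg_attachments(msg):
        findings.append("svg-attachment")
    return findings


def build_sample(from_addr, to_addr, with_svg):
    """Constructed test message; addresses and filename are made up."""
    m = EmailMessage()
    m["From"], m["To"] = from_addr, to_addr
    m["Subject"] = "A file has been shared with you"
    m.set_content("Open the attachment to view the shared file.")
    if with_svg:
        m.add_attachment(b"<svg xmlns='http://www.w3.org/2000/svg'/>",
                         maintype="image", subtype="svg+xml",
                         filename="shared-file.svg")
    return m.as_string()
```

Each signal on its own also occurs in legitimate mail (mailing lists, notes to self), so alerting works best on the combination of all three.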

The researchers warn that this campaign is part of a larger trend of threat actors using AI tools to assist in 

“Like many transformative technologies, AI is being adopted by both defenders and cybercriminals,” Microsoft says. “While defenders use AI to detect, analyze, and respond to threats at scale, attackers are experimenting with AI to enhance their own operations, such as by crafting more convincing lures, automating obfuscation, and generating code that mimics legitimate content. Even though the campaign in this case was limited in nature and primarily aimed at US-based organizations, it exemplifies a broader trend of attackers leveraging AI to increase the effectiveness and stealth of their operations. This case also underscores the growing need for defenders to understand and anticipate AI-driven threats.”

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

Microsoft has the story.




