As people continue to be the weak link in most organizations’ cybersecurity practices, the growing use of generative AI tools in cyber-attacks makes email, their primary communications channel, a more compelling target than ever. The risk associated with Business Email Compromise (BEC) in particular continues to rise as generative AI tools equip attackers to build and launch social engineering and phishing campaigns with greater speed, scale, and sophistication.

What is BEC?

BEC is defined in different ways, but generally refers to cyber-attacks in which attackers abuse email — and users’ trust — to trick employees into transferring funds or divulging sensitive company data.

Unlike generic phishing emails, most BEC attacks do not rely on “spray and pray” dissemination or on users’ clicking bogus links or downloading malicious attachments. Instead, modern BEC campaigns use a technique called “pretexting.”

What is pretexting?

Pretexting is a more specific form of phishing that describes an urgent but false situation — the pretext — that requires the transfer of funds or revelation of confidential data.  

This type of attack, and therefore BEC, is dominating the email threat landscape. As reported in Verizon’s 2024 Data Breach Investigation Report, recently there has been a “clear overtaking of pretexting as a more likely social action than phishing.” The data shows pretexting, “continues to be the leading cause of cybersecurity incidents (accounting for 73% of breaches)” and one of “the most successful ways of monetizing a breach.”

Pretexting and BEC work so well because they exploit humans’ natural inclination to trust the people and companies they know. AI compounds the risk by making it easier for attackers to mimic known entities and harder for security tools and teams – let alone unsuspecting recipients of routine emails – to tell the difference.

BEC attacks now incorporate AI

With the growing use of AI by threat actors, trends point to BEC gaining momentum as a threat vector and becoming harder to detect. By adding ingenuity, machine speed, and scale, generative AI tools like OpenAI’s ChatGPT give threat actors the ability to create more personalized, targeted, and convincing emails at scale.

In 2023, Darktrace researchers observed a 135% rise in ‘novel social engineering attacks’ across Darktrace / EMAIL customers, corresponding with the widespread adoption of ChatGPT.

Large Language Models (LLMs) like ChatGPT can draft believable messages that feel like emails that target recipients expect to receive. For example, generative AI tools can be used to send fake invoices from vendors known to be involved with well-publicized construction projects. These messages also prove harder to detect as AI automatically:

• Avoids misspellings and grammatical errors
• Creates multiple variations of email text  
• Translates messages that read well in multiple languages
• And accomplishes additional, more targeted tactics

AI creates a force multiplier that allows primitive mass-mail campaigns to evolve into sophisticated automated attacks. Instead of spending weeks studying the target to craft an effective email, cybercriminals might only spend an hour or two and achieve a better result.  

Challenges of detecting AI-powered BEC attacks

Rules-based detections miss unknown attacks

One major challenge comes from the fact that rules based on known attacks have no basis to deny new threats. While native email security tools defend against known attacks, many modern BEC attacks use entirely novel language and can omit payloads altogether. Instead, they rely on pure social engineering or bide their time until security tools recognize the new sender as a legitimate contact.  

Most defensive AI can’t keep pace with attacker innovation

Security tools might focus on the meaning of an email’s text in trying to recognize a BEC attack, but defenders still end up in a rules and signature rat race. Some newer Integrated Cloud Email Security (ICES) vendors attempt to use AI defensively to improve the flawed approach of only looking for exact matches. Employing data augmentation to identify similar-looking emails helps to a point but not enough to outpace novel attacks built with generative AI.

What tools can stop BEC?

A modern defense-in-depth strategy must use AI to counter the impact of AI in the hands of attackers. As found in our 2024 State of AI Cybersecurity Report, 96% of survey participants believe AI-driven security solutions are a must have for countering AI-powered threats.

However, not all AI tools are the same. Since BEC attacks continue to change, defensive AI-powered tools should focus less on learning what attacks look like, and more on learning normal behavior for the business. By understanding expected behavior on the company’s side, the security solution will be able to recognize anomalous and therefore suspicious activity, regardless of the word choice or payload type.  

To combat the speed and scale of new attacks, an AI-led BEC defense should spot novel threats.

Darktrace / EMAIL™ can do that.  

Self-Learning AI builds profiles for every email user, including their relationships, tone and sentiment, content, and link sharing patterns. Rich context helps in understanding how people communicate and identifying deviations from the normal routine to determine what does and does not belong in an individual’s inbox and outbox.  

Other email security vendors may claim to use behavioral AI and unsupervised machine learning in their products, but their AI are still pre-trained with historical data or signatures to recognize malicious activity, rather than demonstrating a true learning process. Darktrace’s Self Learning-AI truly learns from the organization in which it is installed, allowing it to detect unknown and novel vectors that other security tools are not yet trained on.

Because Darktrace understands the human behind email communications rather than knowledge of past attacks, Darktrace / EMAIL can stop the most sophisticated and evolving email security risks. It enhances your native email security by leveraging business-centric behavioral anomaly detection across inbound, outbound, and lateral messages in both email and Teams.

This unique approach quickly identifies sophisticated threats like BEC, ransomware, phishing, and supply chain attacks without duplicating existing capabilities or relying on traditional rules, signatures, and payload analysis.  

The power of Darktrace’s AI can be seen in its speed and adaptability: Darktrace / EMAIL blocks the most novel threats up to 13 days faster than traditional security tools.

Learn more about AI-led BEC threats, how these threats extend beyond the inbox, and how organizations can adopt defensive AI to outpace attacker innovation in the white paper “Beyond the Inbox: A Guide to Preventing Business Email Compromise.”

What is thread hijacking?

Cyberattacks are becoming increasingly stealthy and targeted, with malicious actors focusing on high-value individuals to gain privileged access to their organizations’ digital environments. One technique that has gained prominence in recent years is thread hijacking. This method allows attackers to infiltrate ongoing conversations, exploiting the trust within these threads to access sensitive systems.

Thread hijacking typically involves attackers gaining access to a user’s email account, monitoring ongoing conversations, and then inserting themselves into these threads. By replying to existing emails, they can send malicious links, request sensitive information, or manipulate the conversation to achieve their goals, such as redirecting payments or stealing credentials. Because such emails appear to come from a trusted source, they often bypass human security teams and traditional security filters.

How does thread hijacking work?

1. Initial Compromise: Attackers first gain access to a user’s email account, often through phishing, malware, or exploiting weak passwords.
2. Monitoring: Once inside, they monitor the user’s email threads, looking for ongoing conversations that can be exploited.
3. Infiltration: The attacker then inserts themselves into these conversations, often replying to existing emails. Because the email appears to come from a trusted source within an ongoing thread, it bypasses many traditional security filters and raises less suspicion.
4. Exploitation: Using the trust established in the conversation, attackers can send malicious links, request sensitive information, or manipulate the conversation to achieve their goals, such as redirecting payments or stealing credentials.

A recent incident involving a Darktrace customer saw a malicious actor attempt to manipulate trusted email communications, potentially exposing critical data. The attacker created a new mailbox rule to forward specific emails to an archive folder, making it harder for the customer to notice the malicious activity. This highlights the need for advanced detection and robust preventive tools.

Darktrace’s Self-Learning AI is able to recognize subtle deviations in normal behavior, whether in a device or a Software-as-a-Service (SaaS) user. This capability enables it to detect emerging attacks in their early stages. In this post, we’ll delve into the attacker’s tactics and illustrate how Darktrace / IDENTITY™ successfully identified and mitigated a thread hijacking attempt, preventing escalation and potential disruption to the customer’s network.

Thread hijacking attack overview & Darktrace coverage

On August 8, 2024, Darktrace detected an unusual email received by a SaaS account on a customer’s network. The email appeared to be a reply to a previous chain discussing tax and payment details, likely related to a transaction between the customer and one of their business partners.

A few hours later, Darktrace detected the same SaaS account creating a new mailbox rule named “.”, a tactic commonly used by malicious actors to evade detection when setting up new email rules [2]. This rule was designed to forward all emails containing a specific word to the user’s “Archives” folder. This evasion technique is typically used to move any malicious emails or responses to a rarely opened folder, ensuring that the genuine account holder does not see replies to phishing emails or other malicious messages sent by attackers [3].

Darktrace recognized the newly created email rule as suspicious after identifying the following parameters:

• AlwaysDeleteOutlookRulesBlob: False
• Force: False
• MoveToFolder: Archive
• Name: “.”
• FromAddressContainsWords: [Redacted]
• MarkAsRead: True
• StopProcessingRules: True

Darktrace also noted that the user attempting to create this new email rule had logged into the SaaS environment from an unusual IP address. Although the IP was located in the same country as the customer and the ASN used by the malicious actor was typical for the customer’s network, the rare IP, coupled with the anomalous behavior, raised suspicions.

Given the suspicious nature of this activity, Darktrace’s Security Operations Centre (SOC) investigated the incident and alerted the customer’s security team of this incident.

Due to a public holiday in the customer's location (likely an intentional choice by the threat actor), their security team did not immediately notice or respond to the notification. Fortunately, the customer had Darktrace's Autonomous Response capability enabled, which allowed it to take action against the suspicious SaaS activity without human intervention.

In this instance, Darktrace swiftly disabled the seemingly compromised SaaS user for 24 hours. This action halted the spread of the compromise to other accounts on the customer’s SaaS platform and prevented any sensitive data exfiltration. Additionally, it provided the security team with ample time to investigate the threat and remove the user from their environment. The customer also received detailed incident reports and support through Darktrace’s Security Operations Support service, enabling direct communication with Darktrace’s expert Analyst team.

Conclusion

Ultimately, Darktrace’s anomaly-based detection allowed it to identify the subtle deviations from the user’s expected behavior, indicating a potential compromise on the customer’s SaaS platform. In this case, Darktrace detected a login to a SaaS platform from an unusual IP address, despite the attacker’s efforts to conceal their activity by using a known ASN and logging in from the expected country.

Despite the attempted SaaS hijack occurring on a public holiday when the customer’s security team was likely off-duty, Darktrace autonomously detected the suspicious login and the creation of a new email rule. It swiftly blocked the compromised SaaS account, preventing further malicious activity and safeguarding the organization from data exfiltration or escalation of the compromise.

This highlights the growing need for AI-driven security capable of responding to malicious activity in the absence of human security teams and detect subtle behavioral changes that traditional security tools.

Credit to: Ryan Traill, Threat Content Lead for his contribution to this blog

Appendices

Darktrace Model Detections‍

SaaS / Compliance / Anomalous New Email Rule

Experimental / Antigena Enhanced Monitoring from SaaS Client Block

Antigena / SaaS / Antigena Suspicious SaaS Activity Block

Antigena / SaaS / Antigena Email Rule Block

References

[1] https://blog.knowbe4.com/whats-the-best-name-threadjacking-or-man-in-the-inbox-attacks

[2] https://darktrace.com/blog/detecting-attacks-across-email-saas-and-network-environments-with-darktraces-combined-ai-approach

[3] https://learn.microsoft.com/en-us/defender-xdr/alert-grading-playbook-inbox-manipulation-rules