A Systematic Review of Machine Learning Enabled Phishing

TL;DR

This paper systematically reviews how machine learning techniques are used to enhance phishing attacks, assessing risks, differences from traditional methods, and implications for cybersecurity defenses.

Contribution

It provides a comprehensive survey of ML-enabled phishing campaigns and introduces a risk framework for evaluating their impact and threat level.

Findings

Identification of high-risk ML-enabled phishing use cases

Distinction between traditional and ML-enabled phishing campaigns

Guidance for practitioners on cybersecurity strategies

Abstract

Developments in artificial intelligence (AI) are likely to affect social engineering and change cyber defense operations. The broad and sweeping nature of AI impact means that many aspects of social engineering could be automated, potentially giving adversaries an advantage. In this review, we assess the ways phishing and spear-phishing might be affected by machine learning techniques. By performing a systematic review of demonstrated ML-enabled phishing campaigns, we take a broad survey the space for current developments. We develop a detailed approach for evaluation by creating a risk framework for analyzing and contextualizing these developments. The object of this review is to answer the research questions: (1) Are there high-risk ML-enabled phishing use cases? (2) Is there a meaningful difference between traditional targeted phishing campaigns and ML-enabled phishing campaigns? Practitioners may use this review to inform standards, future research directions, and cyber defense strategies.