Machine Learning Creates Detection-Evading Phishing URLs

Cyxtera Technologies, a cybersecurity vendor based in the USA, have built DeepPhish, a piece of machine-learning software that, allegedly, generates phishing URLs that beats phishing defense mechanisms. Tim Helming, Director of Product Management at DomainTools commented below.

Tim Helming, Director of Product Management at DomainTools:

“If cybersecurity researchers are using machine learning as a method of keeping us safe online, it seems only reasonable to assume that the bad guys are trying to use the same technology to further their own aims. The fact that this machine learning generated URLs capable of bypassing phishing defenses is of course worrying, and reinforces the point that because phishing is a vector which targets human weakness It is up to humans to remain vigilant; check URLs before you click on them for typos, always verify unknown links, particularly ones sent by email or SMS, and generally exercise as much caution as possible. Technology is getting smarter, but cybercriminals have all of the same technology that we do- it’s up to us.”

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.