Blog

Machine Learning to Identify Email-Based Scams

Written by David Vuijsje | Apr 04, 2022

I was first exposed to the idea of micro-expressions by Lie to Me, a crime series inspired by the work of Paul Ekman, professor emeritus at UCSF and advisor to law enforcement. By analyzing micro-expressions, involuntarily facial expressions, and body language that lasts a fraction of a second exposing the true emotion of a person, the main character Dr. Cal Lightman (Tim Roth) and his team assist local and federal law enforcement agencies in solving countless cases.

Later, as a Psychology major, I ran a modest experiment inspired by what I had read and learned. Together with my friend, Layah Alkoby, we recorded a few foreign students telling us a story (true or false) in their native tongue to avoid lip reading. We muted the sound and showed the videos to a group of deaf and hearing test subjects. Our hypothesis that the deaf group was better trained in observing facial expressions and thus better equipped to identify lies was confirmed.

In my time at IRONSCALES, I have regularly thought about this study. Together, with a brilliant team of Data Analysts and Machine Learning Engineers, we work to develop AI-powered protection by identifying cons and scams (aka phishing) neatly delivered in employees’ mailboxes. These mails are often tailor-made for the “mark” in a bid to gain access to sensitive data. Micro-expressions have made a place for datasets and a range of ML models.

However, like micro-expressions and even the illustrious Dr. Lightman, machine-learning models are not waterproof. Hostile actors persistently search for new ways to circumvent the detection of their socially engineered phishing attacks. It is because of this that a hi-tech solution must go paired with employee awareness and a healthy dose of paranoia.

Before the pandemic, the average professional received an average of 121 emails and spent 2.6 hours per day (28% of the workday) reading or writing his own. It won't surprise you that I'm going to quote a study that talks about an increase in email activity since the pandemic began. Indeed, Pathwire, an email platform with clients like American Express, Lyft, and DHL report that their survey shows 49.1% of the respondents send emails to customers even more frequently since the onset of the pandemic. It's unreasonable to expect anyone to remain alert under this barrage of emails without recurring simulations and training.

I am proud to share that at IRONSCALES, we have been working on a free solution providing Phishing Simulation & Training as well as tools to easily report, analyze and remediate suspicious and malicious emails. This allows every company, regardless of their resources, to prepare for the unavoidable day they are a mark.

To learn more about Starter, our freemium offering, please click here.

To learn more about IRONSCALES’ award-winning anti-phishing solution, please sign up for a demo today at ironscales.com/get-a-demo.