Skip to content
Sagan

Paper

Context-Aware Spear Phishing: Generative AI-Enabled Attacks Against Individuals via Public Social Media Data

Unreadunread

AI summary

The authors demonstrate how generative AI can scrape public social-media data to automate highly personalized spear-phishing attacks. Their framework extracts interests and communication styles from minimal public activity, then instantiates seven attack strategies (baiting, scareware, honey trap, tailgating, impersonation, quid pro quo, emotional exploitation). Large-scale evaluation and a user study show LLM-generated phishing emails consistently outperform real-world phishing corpus emails across eight criteria, eliciting lower suspicion. They also measure existing proactive defenses (prompt-level safeguards, policy-augmented models, chain-of-thought moderation) and find they struggle with contextualized, adaptive attacks.

Main takeaways:

  • Generative AI plus public social-media data enables automated, scalable, highly personalized spear-phishing with minimal attacker effort.
  • The framework combines multimodal signal extraction (interests, context cues), communication-style profiling, and attack-type instantiation across seven strategies.
  • Generated phishing emails exhibit higher personalization, contextual grounding, and persuasive leverage than real-world phishing corpus (APWG eCrimeX).
  • A user study confirms LLM-generated attacks consistently outperform real phishing emails across eight dimensions and elicit lower suspicion.
  • Existing prompt-level defenses, including adaptive mechanisms and chain-of-thought moderation, struggle with contextualized abuse at scale, underscoring the need for platform-level safeguards.