Security

New IBM security tool uses machine learning to help businesses detect phishing

A new solution from IBM Trusteer automates website classification and can help label phishing websites 250% faster than traditional methods.

phishing.jpg
Image: iStockphoto/weerapatkiatdumrong

A new machine-learning based security solution from IBM could help businesses detect phishing sites up to 250% faster than other methods. Announced via a blog post on Monday, the cognitive phishing detection feature is part of the IBM Security Trusteer platform.

When it comes to hacking, phishing is one of the oldest tricks in the book. It has stayed around for so long, in part, because it still works. According to IBM Security research cited in the post, some 30% of phishing emails are opened by targeted recipients. Phishing works well because it capitalizes on the fact that humans are typically the weakest link in an organization's cybersecurity. Additionally, the attacks are becoming more advanced and harder to detect at first glance, the post said.

SEE: How one man's phishing scam cost two major US tech companies $100M

The effects of a phishing attack are felt quickly. More than 70% of user credentials were stolen within the first hour of a phishing attack. However, by using machine learning, IBM's new capability is able to flag a site for phishing in just a few minutes, the post said.

"Moreover, sophisticated machine learning algorithms continually raise detection accuracy over time, dropping false positive rates lower than 1 percent," the post said.

The new cognitive phishing detection feature was developed with help from the IBM Cyber Security Center of Excellence at Ben-Gurion University in Israel as well. It works by looking at unstructured website data like URLs, images, text, and more, the post said. It also examines the use of a company logo and the wording on the site to see if the use of the company assets are legitimate.

The goal of the tool is to detect a phishing site and alert the affected users. It also "issues a protection layer," the post said, in order to keep users from going to the site. The tool also alerts the affected brand that the phishing site was trying to mimic, so it can take the proper precautions to protect itself.

"It can accurately identify a wide variety of phishing pages, including those that only present users with an image to elude content analysis and those that deliver dynamic content to the page to evade web crawlers," the post said.

IBM's cognitive phishing detection isn't the first time the company has utilized its cognitive computing prowess to enhance cybersecurity. In February 2017, the company announced the availability of Watson for Cyber Security, which uses natural language processing to examine security documents and fill in the gaps caused by a lack of cybersecurity professionals.

The 3 big takeaways for TechRepublic readers

  1. IBM's new cognitive phishing detection capability uses machine learning to help businesses detect a phishing site up to 250% faster than traditional methods.
  2. According to IBM Security research, more than 70% of users' credentials are compromised within the first hour of a phishing attack.
  3. IBM also recently launched Watson for Cyber Security, using natural language processing to gain insights from security documents.

Also see

About Conner Forrest

Conner Forrest is a Senior Editor for TechRepublic. He covers enterprise technology and is interested in the convergence of tech and culture.

Editor's Picks

Free Newsletters, In your Inbox