September 29, 2023

Abnormal Security has announced a new service called CheckGPT, specifically designed to detect artificial intelligence-generated email attacks.

The service determines when email threats, including business email compromise and other socially engineered attacks, have likely been created using generative AI tools.

The security firm argues that cybercriminals are harnessing the power of generative AI, such as ChatGPT or its malicious counterpart, WormGPT, to craft compelling emails that evade traditional security measures. As generative AI becomes more widely adopted, there is a considerable increase in BEC attacks.


Thia service differs from traditional email security solutions, taking a radically different approach to stopping advanced email attacks. The API architecture ingests thousands of diverse signals to build a baseline of the known-good behavior of every employee and vendor in an organization based on communication patterns, sign-in events, and thousands of other attributes.

It then applies advanced AI models, including natural language processing, to detect abnormalities in email behavior that indicate a potential attack. After initial email processing, the Abnormal platform further expands upon its classification of emails by processing email attacks to understand their intent and origin.

The CheckGPT tool leverages a suite of open-source large language models to analyze how likely it is that a generative AI model created the message. It analyzes the likelihood that each word in the message has been generated by an AI model, given the context that precedes it.


If the likelihood is consistently high, it’s a strong potential indicator that AI generated the text. The system then combines this indicator with a range of AI detectors to make a final determination on whether an attack was likely to be generated by AI.

Leave a Reply

%d bloggers like this: