Artificial intelligence in the fight against spam and phishing

Abstract

Abstract. In the modern digital environment, the volume of electronic communications is growing exponentially, creating favorable conditions for the spread of spam and phishing. These types of cyber threats pose a serious danger to users, as they can lead to the leakage of confidential data, financial losses, and infection of computer systems with malicious software [1]. Traditional approaches to combating spam, such as keyword-based filtering or blacklists, are insufficiently effective, since attackers constantly adapt the text and structure of messages. In this context, artificial intelligence (AI) and machine learning (ML) methods play an important role, as they are capable of analyzing large volumes of data and identifying hidden patterns [1]. To improve the accuracy of message classification, machine learning models are trained on examples of "spam" and "ham" emails. Additionally, the system’s efficiency can be enhanced through the use of similarity hashing algorithms (SimHash, TLSH, ssdeep) [2]. These algorithms make it possible to detect similar messages even when their text is partially modified, which makes them particularly useful for identifying large-scale phishing campaigns. Practical experiments show that combining similarity hashing with natural language processing (NLP) methods provides spam detection accuracy of over 90% [2]. This approach increases the effectiveness of email filtering systems and minimizes the number of false positives. At the same time, the issue of continuous model updating remains relevant, since spammers are increasingly using generative AI technologies to create new variants of phishing messages. This necessitates the ongoing improvement of detection methods and the integration of hybrid analysis systems [3]. Artificial intelligence is a powerful tool in countering spam and phishing. Its use allows for the automation of analysis processes, improving detection accuracy and reducing risks associated with social engineering attacks. Further development in this field should focus on creating comprehensive cybersecurity systems that combine machine learning, similarity hashing, and behavioral analytics of users [3].