Prompted Contextual Vectors for Spear-Phishing Detection

Daniel Nahmias, Gal Engelberg, Dan Klein, Asaf Shabtai

TL;DR

The paper addresses the challenge of detecting AI-assisted spear-phishing by introducing prompted contextual document vectors, produced by an ensemble of LLMs prompted to reason about targeted questions reflecting persuasion tactics. These vectors feed a binary classifier and demonstrate strong performance, achieving a 0.91 F1 on spear-phishing detection and robust generalization to related social-engineering threats, including smishing, under covariate drift. Key contributions include a novel LLM-based vectorization method, a publicly released spear-phishing dataset, and evidence that reasoning-enabled vectors align with an optimal feature space that resists concept drift. The work highlights practical implications for adversarial document classification and supports privacy-conscious deployment with discussion of limitations and future directions for automatic question generation and broader domain applicability.

Abstract

Spear-phishing attacks present a significant security challenge, with large language models (LLMs) escalating the threat by generating convincing emails and facilitating target reconnaissance. To address this, we propose a detection approach based on a novel document vectorization method that utilizes an ensemble of LLMs to create representation vectors. By prompting LLMs to reason and respond to human-crafted questions, we quantify the presence of common persuasion principles in the email's content, producing prompted contextual document vectors for a downstream supervised machine learning model. We evaluate our method using a unique dataset generated by a proprietary system that automates target reconnaissance and spear-phishing email creation. Our method achieves a 91% F1 score in identifying LLM-generated spear-phishing emails, with the training set comprising only traditional phishing and benign emails. Key contributions include a novel document vectorization method utilizing LLM reasoning, a publicly available dataset of high-quality spear-phishing emails, and the demonstrated effectiveness of our method in detecting such emails. This methodology can be utilized for various document classification tasks, particularly in adversarial problem domains.

Paper Structure (35 sections, 11 figures, 6 tables, 1 algorithm)

This paper contains 35 sections, 11 figures, 6 tables, 1 algorithm.

Figures (11)

  • Figure 1: Prompted contextual vectorization process.
  • Figure 2: Example of a spear-phishing email message generated by the system (PII blacked out).
  • Figure 3: t-SNE visualization - prompted contextual vectors.
  • Figure 4: t-SNE visualization - DistilBERT vectors.
  • Figure 5: Questions ablation study results.
  • ...and 6 more figures