Evaluating brand imitation in AI-generated phishing. A 23,000-word investigation into how Large Language Models (LLMs) automate the erosion of digital trust.
My literature review traced the evolution of phishing from the manual, high-effort spear-phishing of the Sony 2014 Breach (costing $100m) to today's automated AI arms race.
The core issue is scalability. What once required a team of hackers to mimic a brand's voice can now be done in seconds by a generative model.
I applied this psychological model to explain why we click. Attackers exploit Credibility (brand logos) and Urgency (deadlines) to bypass logical filters.
How do you measure "realism"? I didn't just read emails; I converted them into data points to measure their similarity mathematically.
Think of BERT as a translator that turns sentences into GPS coordinates. I converted 60+ emails into numerical vectors using all-MiniLM-L6-v2.
By calculating the distance between the "Real Brand" vector and the "AI Clone" vector, I proved they occupy almost the exact same semantic space.
I used Empath to analyze lexical categories like 'Money', 'Urgency', and 'Trust'.
The findings showed that AI is excellent at mimicking corporate authority but often lacks the subtle "entropy" (the randomness) of human writing, which is a key marker for future detection tools.
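To make the vector-distance and lexical-category method concrete, here is an added example (not code from the dissertation). It assumes a hand-built three-category lexicon as an offline stand-in for the all-MiniLM-L6-v2 embedding and Empath categories, and constructed sample emails; it scores a candidate mail's cosine similarity to a reference brand mail and its normalized word entropy, the "randomness" marker mentioned above.

```python
import math
import re
from collections import Counter

# Constructed sample messages (not drawn from the study's corpus).
REAL_BRAND = ("Your statement is ready. Sign in to your account to view it. "
              "Questions? Contact support through the help centre.")
AI_CLONE = ("Your account is ready. Sign in to your account now. Your account "
            "needs review today. Contact support for account help.")
HUMAN_CASUAL = ("hey, just a heads up re the invoice thing from tuesday - can "
                "you ping me when you get a sec? thx, J")

# Constructed mini-lexicons standing in for Empath's 'money', 'urgency', 'trust'.
CATEGORIES = {
    "money": {"statement", "invoice", "account", "payment", "balance"},
    "urgency": {"now", "today", "immediately", "expires", "deadline"},
    "trust": {"support", "help", "secure", "verified", "team"},
}

def tokenize(text):
    return re.findall(r"[a-z']+", text.lower())

def category_vector(text):
    """Hits per category, in CATEGORIES order; a stand-in for the sentence embedding."""
    counts = Counter(tokenize(text))
    return [sum(counts[w] for w in words) for words in CATEGORIES.values()]

def cosine(a, b):
    """Cosine similarity: 1.0 means the two vectors point the same way."""
    dot = sum(x * y for x, y in zip(a, b))
    norm_a = math.sqrt(sum(x * x for x in a))
    norm_b = math.sqrt(sum(y * y for y in b))
    return dot / (norm_a * norm_b) if norm_a and norm_b else 0.0

def normalized_entropy(text):
    """Shannon entropy of the word distribution divided by its maximum (log2 of the
    token count) so texts of different length compare; lower = more repetitive."""
    tokens = tokenize(text)
    n = len(tokens)
    if n < 2:
        return 0.0
    h = -sum(c / n * math.log2(c / n) for c in Counter(tokens).values())
    return h / math.log2(n)

def compare(reference, candidate):
    """Brand similarity and entropy of one candidate against the reference brand mail."""
    return {"similarity": cosine(category_vector(reference), category_vector(candidate)),
            "entropy": normalized_entropy(candidate)}

if __name__ == "__main__":
    for name, text in [("AI clone", AI_CLONE), ("human casual", HUMAN_CASUAL)]:
        print(name, compare(REAL_BRAND, text))
```

On these constructed samples the clone scores closer to the brand mail than the casual human note while showing lower entropy; real corpora need the actual embeddings and lexicons before any such pattern can be trusted.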
The most alarming finding: Nearly half of study participants mistook AI-generated branded phishing for legitimate communication.
This 50/50 split proves that human intuition is no longer a reliable firewall. When the "Linguistic Fingerprint" is cloned perfectly, the user cannot defend themselves.
Participants were often "Very Confident" that a phishing email was real.
"We are entering an era where detection must rely on technical infrastructure verification, as the visual and linguistic cues we rely on have been fully compromised."