LEGALAUDIT

Scam Watch

Comment reconnaitre LLM written BEC email — perfect grammar across languages, no telltale typos?

En bref

Threat actors use ChatGPT / Claude / local LLMs to write Business Email Compromise lures in flawless English, Italian, German, French, Mandarin etc. Removes the historical 'broken grammar' filter. Tells: 1) tone is templated formal but...

Comment ca fonctionne

Threat actors use ChatGPT / Claude / local LLMs to write Business Email Compromise lures in flawless English, Italian, German, French, Mandarin etc. Removes the historical 'broken grammar' filter. Tells: 1) tone is templated formal but...

Signaux d'alerte

  • Pression urgente pour cliquer, payer ou partager des codes immediatement.
  • Lien ou expediteur qui ne correspond pas a l'organisation officielle.
  • Demande de carte, mot de passe, OTP, signature wallet ou virement.

Que faire

  1. 1true vendor email which carries a reply chain); 3) uses generic urgency phrasing ('please action ASAP', 'before end of day'); 4) requests change of payment details with no operational reason; 5) signature block exactly matches public email signature scraped from LinkedIn.
  2. 2DO: verify any payment change via callback to a number you held BEFORE the email; deploy DMARC + display name spoofing controls + LLM detection at the gateway.

Source

Microsoft-Digital-Defense-Report-2024

Source verifiee par Mythos Forensic Team

https://www.microsoft.com/security/security-insider/microsoft-digital-defense-report-2024

FAQ

LLM written BEC email — perfect grammar across languages, no telltale typos est une vraie arnaque ?

Oui. Traitez le message, l'appel ou la demande de paiement comme suspect jusqu'a verification via un canal officiel.

Quels sont les premiers signaux ?

Pression urgente pour cliquer, payer ou partager des codes immediatement.; Lien ou expediteur qui ne correspond pas a l'organisation officielle.; Demande de carte, mot de passe, OTP, signature wallet ou virement.

Que faire en premier ?

true vendor email which carries a reply chain); 3) uses generic urgency phrasing ('please action ASAP', 'before end of day'); 4) requests change of payment details with no operational reason; 5) signature block exactly matches public email signature scraped from LinkedIn.; DO: verify any payment change via callback to a number you held BEFORE the email; deploy DMARC + display name spoofing controls + LLM detection at the gateway.

LegalAudit peut-il verifier mon cas ?

Oui. Lancez le chat gratuit et collez le message, le lien, l'expediteur ou les details de paiement.