LEGALAUDIT

Scam Watch

Come riconoscere LLM written BEC email — perfect grammar across languages, no telltale typos?

In breve

Threat actors use ChatGPT / Claude / local LLMs to write Business Email Compromise lures in flawless English, Italian, German, French, Mandarin etc. Removes the historical 'broken grammar' filter. Tells: 1) tone is templated formal but...

Come funziona

Threat actors use ChatGPT / Claude / local LLMs to write Business Email Compromise lures in flawless English, Italian, German, French, Mandarin etc. Removes the historical 'broken grammar' filter. Tells: 1) tone is templated formal but...

Indicatori rossi

  • Pressione urgente a cliccare, pagare o condividere codici subito.
  • Link o mittente che non corrispondono all'organizzazione ufficiale.
  • Richiesta di carta, password, OTP, firma wallet o bonifico.

Cosa fare

  1. 1true vendor email which carries a reply chain); 3) uses generic urgency phrasing ('please action ASAP', 'before end of day'); 4) requests change of payment details with no operational reason; 5) signature block exactly matches public email signature scraped from LinkedIn.
  2. 2DO: verify any payment change via callback to a number you held BEFORE the email; deploy DMARC + display name spoofing controls + LLM detection at the gateway.

Fonte

Microsoft-Digital-Defense-Report-2024

Fonte verificata da Mythos Forensic Team

https://www.microsoft.com/security/security-insider/microsoft-digital-defense-report-2024

FAQ

LLM written BEC email — perfect grammar across languages, no telltale typos e una truffa reale?

Si. Tratta messaggi, chiamate o richieste di pagamento come sospette finche non le verifichi da un canale ufficiale.

Quali sono i primi segnali?

Pressione urgente a cliccare, pagare o condividere codici subito.; Link o mittente che non corrispondono all'organizzazione ufficiale.; Richiesta di carta, password, OTP, firma wallet o bonifico.

Cosa devo fare subito?

true vendor email which carries a reply chain); 3) uses generic urgency phrasing ('please action ASAP', 'before end of day'); 4) requests change of payment details with no operational reason; 5) signature block exactly matches public email signature scraped from LinkedIn.; DO: verify any payment change via callback to a number you held BEFORE the email; deploy DMARC + display name spoofing controls + LLM detection at the gateway.

LegalAudit puo controllare il mio caso?

Si. Apri la chat gratis e incolla messaggio, link, mittente o dati di pagamento per un triage.