CR LG | Oct 10, 2023

Sound-skwatter (Did You Mean: Sound-squatter?) AI-powered Generator for Phishing Prevention

arXiv:2310.07005v1 | 3 citations | h-index: 20 | Has Code
Originality: Incremental advance
AI Analysis

The paper addresses phishing prevention for internet users and organizations by proactively identifying vulnerabilities. It is incremental in that it builds on existing AI methods for a specific security issue.

The paper tackles the problem of sound-squatting phishing attacks by introducing Sound-skwatter, an AI-based system that generates sound-squatting candidates. It finds that ~10% of generated domains exist in the wild, the vast majority unknown to protection solutions, and that ~17% of popular PyPI packages have at least one existing candidate.

Sound-squatting is a phishing attack that tricks users into malicious resources by exploiting similarities in the pronunciation of words. Proactive defense against sound-squatting candidates is complex, and existing solutions rely on manually curated lists of homophones. We here introduce Sound-skwatter, a multi-language AI-based system that generates sound-squatting candidates for proactive defense. Sound-skwatter relies on an innovative multi-modal combination of Transformers Networks and acoustic models to learn sound similarities. We show that Sound-skwatter can automatically list known homophones and thousands of high-quality candidates. In addition, it covers cross-language sound-squatting, i.e., when the reader and the listener speak different languages, supporting any combination of languages. We apply Sound-skwatter to network-centric phishing via squatted domain names. We find ~10% of the generated domains exist in the wild, the vast majority unknown to protection solutions. Next, we show attacks on the PyPI package manager, where ~17% of the popular packages have at least one existing candidate. We believe Sound-skwatter is a crucial asset to mitigate the sound-squatting phenomenon proactively on the Internet. To increase its impact, we publish an online demo and release our models and code as open source.
