Developments of artificial intelligence (AI) have significantly impacted cybersecurity and helped innovate various types of cyberattacks, including phishing. Traditional phishing attacks have evolved into a new phenomenon called Phishing 2.0, which uses AI to generate persuasive and personalised content, making it harder to differentiate from legitimate messages. This article focuses on the ability of humans to detect AI-generated content, which is a key component of Phishing 2.0. Through a 12-question survey that included examples of different types of media (human portraits, emails, SMS messages, and fictitious company logos), we analysed respondents’ ability to detect AI-generated content versus human-generated content. The survey was conducted among selected persons involved in critical infrastructure security, transport security, crisis management, and security management. The survey results show that although respondents were able to correctly detect AI-generated content in the vast majority of cases, success rates varied across media types. This paper highlights the need to improve users’ ability to detect AI-generated content, which would reduce the risk of phishing 2.0 attacks being successful.
Madleňák et al. (Thu,) studied this question.