| ▲ | pcthrowaway 4 days ago | |
Is this not a good use case for AI in your email client (local-only to avoid more opportunities for data to leak)? Have the client-embedded AI view the email to determine if it contains a link to a purported service. Remotely verify if the service URL domain is valid, by comparing to the domains known for that service If unknown, show the user a suspected phishing message. This will occasionally give a false positive when a service changes their sending domain, but the remote domain<->service database can then be updated via an API call as a new `(domain, service)` pair for investigation and possible inclusion. I feel like this would mitigate much of the risk of phishing emails slipping past defenses, and mainly just needs 2 or 3 API calls to service once the LLM has extracted the service name from the email. | ||
| ▲ | mwkaufma 4 days ago | parent [-] | |
No, the solution to a security problem is not to radically increase the vulnerable attack surface. | ||