A Taxonomy and Multi-Layered Defense Framework for Generative AI-Powered Phishing Campaigns on Social Media Platforms
Akter, Tanzina (2025-08-07)
This publication is subject to copyright regulations. The work may be read and printed for personal use. Use for commercial purposes is prohibited.
open
The permanent address of the publication is:
https://urn.fi/URN:NBN:fi-fe2025080881888
Abstract
This research aims to analyze the increasing threat of generative AI-powered phishing campaigns on social media platforms. Social media platforms are prime targets for attackers because they hold a huge amount of user information. Attackers try to mislead users and steal information by utilizing advanced AI technologies, such as Large Language Models (LLMs), deepfakes, and automated bots. The primary goal of this research is to design a structured taxonomy and a multi-layered defense framework. The proposed taxonomy helps to classify the attacks, and the defense framework will detect and mitigate phishing. The study adopts a mixed-method approach to validate the proposed taxonomy. It includes a literature review to identify existing gaps, a survey to understand user awareness, and interviews with experts to collect real-world experiences. The interview data is analyzed thematically using Braun and Clarke’s six-phase framework to extract recurring patterns and validate the proposed taxonomy.
This study examines the five core dimensions of the taxonomy: generative modality, phishing vector, platform feature exploited, target profile, and delivery/automation pattern. These dimensions help to understand how the phishing content is created, how it is delivered, which platform features are exploited, who is being targeted, and how automation is used. The taxonomy helps researchers, professionals, and security teams to identify patterns, understand attacker behavior, and adapt response strategies. The dimensions are validated by describing recent cases, surveying social media users, and conducting interviews. The results reveal that AI-generated phishing campaigns are difficult to detect due to their fluency, personalization, and use of trusted channels. Based on these findings, a defense framework is introduced that consists of four interconnected layers: Integration, Detection, Response, and Feedback & Learning.
The study concludes that existing solutions are becoming outdated due to the fast growth of AI-generated phishing. The research emphasizes the need for better user education and stronger platform controls to stay updated. As a key recommendation, it proposes creating an open-access community resource based on the taxonomy and defense framework. This resource would help users, researchers, and cyber security professionals to share real experiences, track new phishing techniques, and keep the framework updated. Overall, this research provides a strong foundation for improving protection against AI-generated phishing threats.