NGC | Catalog
CatalogCollectionsSpear Phishing Detection

Spear Phishing Detection

Logo for Spear Phishing Detection
Use generative AI to improve the detection of spear phishing emails.
January 31, 2024
Sorry, your browser does not support inline SVG.
Helm Charts
Sorry, your browser does not support inline SVG.
Sorry, your browser does not support inline SVG.
Sorry, your browser does not support inline SVG.


With NVIDIA NeMo and Morpheus, the lack of available training data to create such spear phishing detectors is now an issue of the past. The NVIDIA Morpheus cybersecurity AI framework provides a Natural Language Processing (NLP) model that has been trained using synthetic emails generated by NeMo to identify spear phishing attempts. Morpheus is able to infer whether an email is spear phishing or not by first determining the intent of the email: whether it is seeking financial information, requesting cryptocurrency, or asking for personal financial information, such as account and routing numbers. Morpheus then combines the intent of the message with anonymized historical data of the sender, including syntactic analysis, message timing, and previous intentions. The spear phishing model incorporates all of this data into an actionable result.

To reduce the time to develop a phishing detection solution, NVIDIA has developed the Spear Phishing Detection AI Workflow. This workflow leverages NVIDIA Morpheus, the open-source Postfix mail server, a PostgreSQL database, as well as a series of pre-trained models using generative AI techniques. Model inference occurs within the Morpheus pipeline, where a score is generated, correlating the classification of the message’s intent based upon its content. The end-user is then notified to verify the safety of the email, which was flagged by the AI model, for intent confirmation. This feedback can then be used to re-train the model and generate additional training emails.

Figure 1. Spear Phishing Architecture Diagram

Using the spear phishing AI workflow, developers can access:

  • NLP pre-trained models to analyze and classify emails for identifying spear phishing attempts.

  • Inference pipeline for spear phishing detection.

  • A reference solution deployment in production, including components like logging and monitoring the workflow.

  • Cloud-native deployable bundle packaged as a single helm chart.

Key benefits of the spear phishing detection AI workflow include:

  • Higher accuracy: Detect spear phishing emails with as much as 21% better accuracy over traditional detection mechanisms.

  • Faster time to detect: Generate new intent models at scale and achieve more accurate results with as few as 24 hours of training.

  • Mitigate risk: Provide AI-powered insights for more automated threat detection and faster response times.

Getting Started

To get started, review the documentation linked below for more information on what is included in the workflow, and how to deploy and run the workflow.


Additional Resources

Leverage the NVIDIA Morpheus SDK to build your own AI-based cybersecurity solutions.

Learn more about how to use NVIDIA Morpheus through our Deep Learning Institute platform. Access the course here.

Contact NVIDIA to learn more about options for accessing the spear phishing detection AI workflow and NVIDIA Morpheus.


By pulling and using the containers or Helm Charts, you accept the terms and conditions of this End User License Agreement.