Gautam Hazari

Chief Technology Officer


How Phishing Attacks Use Human Evolution

According to Verizon’s 2023 Data Breach Investigations Report, 74% of breaches involved the human element, which includes social engineering attacks like phishing. In fact, a new phishing site is created every 11 seconds, per DataProt.

This should come as no surprise: millions of years of human evolution have a lot to do with the problems we face in the digital world, such as phishing, smishing, quishing and all the other “ishings.”

Amygdala Hijacking And Phishing Attacks

Survival pressures left the human brain with two distinct information-processing systems:

• The frontal lobe is the slow, rational processor. It handles conscious decision-making and emotional control, and it takes time to weigh information.

• The amygdala generates the fight-or-flight response. It treats incoming information as a threat and triggers an instantaneous reaction outside our conscious control, leaving us emotionally charged. The amygdala has been critical to our survival precisely because it detects a threat and responds in the most time-optimised way.

What does this have to do with phishing?

Amygdala hijacking is what happens when a sudden emotional stressor lets the fight-or-flight response take over, so that our thinking bypasses the rational brain. Phishing is built around inducing exactly that state: the attacker wants the victim to act before the frontal lobe has had time to weigh in.

Consider this in the light of the principles of influence described by psychologist Dr. Robert Cialdini. Here is how seven of them can be used to induce amygdala hijacking and deliver phishing attacks:

• Authority: A message pretending to be from the CEO or a voice call pretending to be from the tax office can cause a victim to react strongly.

• Commitment: Publicly available information on a victim’s social media about their commitments and goals can be exploited to tailor phishing messages to them.

• Liking: Someone’s likes and dislikes are easy to glean from public social media posts, and can then be used to make phishing messages more personal and targeted.

• Perceptual Contrast: Humans perceive things in comparison to other things, and our mental model is relative in most cases. Our brains generally do not notice the difference between a known website’s domain and a look-alike (a single transposed, dropped or substituted character, a digit standing in for a letter, or a character from another script that renders the same), so we can be influenced to click on the link.

• Reciprocation: People are inclined to respond to a gift or return a favour. Angler phishing, where an attacker poses as a company’s customer-support account on social media and offers to “help”, uses this instinct to extract useful information from a victim.

• Scarcity: Attackers might send a phishing message with an arbitrary deadline or expiration date to make victims act right away.

• Social Proof: Cyber attackers might create a post or website with fake likes or reviews to convince a potential victim that the attacker can be trusted.
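
The perceptual-contrast bullet above is the one that can be checked mechanically. The following is an added example (not code from the article or from Sekura) of how a mail or SMS gateway might flag a look-alike domain before the user sees the link: it normalises characters the eye conflates (digits for letters, “rn” for “m”, Cyrillic letters for Latin ones) and then measures how far the result is from a list of protected brands. The brand list, the confusables table and the sample URLs are constructed for the demo, and the registrable-domain logic assumes single-label TLDs.

```python
"""Look-alike domain detection. Added example, not the article's own code.

Assumptions (constructed for the demo): the protected-brand list, the small
confusables table and the sample URLs below. Real deployments would use the
Unicode confusables data and a public-suffix list instead.
"""
from urllib.parse import urlsplit

# Brands we want to protect. Constructed sample list.
KNOWN_DOMAINS = {"paypal.com", "google.com", "microsoft.com"}

# Single characters a reader's eye tends to conflate with a Latin letter.
CONFUSABLES = {
    "0": "o", "1": "l", "3": "e", "5": "s", "8": "b",
    "\u0430": "a",  # Cyrillic small a
    "\u043e": "o",  # Cyrillic small o
    "\u0435": "e",  # Cyrillic small ie
    "\u0440": "p",  # Cyrillic small er
}
# Two-character sequences that render like one letter in many fonts.
DIGRAPHS = {"rn": "m", "vv": "w"}

# Constructed sample links of the kind a phishing message might carry.
SAMPLE_URLS = [
    "https://www.paypal.com/login",          # genuine
    "http://secure.paypa1.com/verify",       # digit 1 for letter l
    "https://rnicrosoft.com/reset",          # rn for m
    "http://p\u0430ypal.com",                 # Cyrillic a
    "http://paypall.com",                     # extra letter
    "https://example.org",                    # unrelated
]


def registrable_domain(url: str) -> str:
    """Return the last two host labels (assumes single-label TLDs such as .com)."""
    host = urlsplit(url if "://" in url else "http://" + url).hostname or ""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def skeleton(domain: str) -> str:
    """Map confusable characters to the letters they imitate."""
    s = "".join(CONFUSABLES.get(c, c) for c in domain)
    for pair, letter in DIGRAPHS.items():
        s = s.replace(pair, letter)
    return s


def edit_distance(a: str, b: str) -> int:
    """Damerau-Levenshtein (optimal string alignment) distance.

    A transposition of two adjacent characters costs 1, so "papyal" is one
    edit from "paypal", which matches how readers actually misread words.
    """
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition
    return d[len(a)][len(b)]


def classify(url: str, max_distance: int = 2) -> dict:
    """Return the domain, a verdict and the brand it imitates (if any).

    Verdicts: "known" (exact match), "homoglyph" (identical after skeleton
    normalisation), "lookalike" (within max_distance edits of a brand's
    second-level label), "unrelated".
    """
    domain = registrable_domain(url)
    if domain in KNOWN_DOMAINS:
        return {"domain": domain, "verdict": "known", "target": domain}
    sk = skeleton(domain)
    best = None
    for known in KNOWN_DOMAINS:
        if sk == known:
            return {"domain": domain, "verdict": "homoglyph", "target": known}
        # Compare only the label before the TLD so "paypal.net" is still caught.
        dist = edit_distance(sk.split(".")[0], known.split(".")[0])
        if best is None or dist < best[0]:
            best = (dist, known)
    if best and best[0] <= max_distance:
        return {"domain": domain, "verdict": "lookalike", "target": best[1]}
    return {"domain": domain, "verdict": "unrelated", "target": None}


if __name__ == "__main__":
    for u in SAMPLE_URLS:
        print(classify(u))
```

Skeleton matching and edit distance catch different tricks: the first defeats character substitution that leaves the visual shape intact, the second defeats small edits to a legitimate name. Neither helps against a genuinely new domain that merely sounds plausible, which is why the list-based check is a filter in front of the user rather than a replacement for the authentication changes discussed later.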

Generative AI and Phishing

The recent evolution of large language models (LLMs) and the wider generative AI revolution have given phishing attacks new dimensions. Before, most phishing messages were easier to spot: the language was clumsy and spelling errors were obvious. Now, with access to LLMs, attackers can generate messages that are fluent and accurate.

Attackers can potentially fine-tune LLMs on someone’s social media content, and can also feed in context drawn from the psychological principles of influence to provoke amygdala hijacking, so that the phishing messages are not just accurate but look much more personal.

Scarily enough, attackers could also fine-tune LLMs on the engagement-maximising techniques social media platforms use to trigger oxytocin and dopamine responses, so that the phishing messages will not just be accurate and personal: they may make us emotional.

Humanised Solutions

Being human is the reason we fall prey to phishing attacks, so the solution has to be humanised technology. The attacker’s motivation is either to get some secret from the victim or to influence the victim into performing some action, e.g., clicking on a link or scanning a QR code.

What if the human user has no secret to hand over to the attacker, and no action to perform? Then the phishing attack cannot succeed even if amygdala hijacking has been triggered, and being human no longer makes the user a victim. This is a humanised solution.

With this in mind, here are four technology approaches that could help mitigate the risk of phishing as we venture into the world of AI:

  1. Passive Authentication: The objective of most phishing attacks is credential theft, to get through authentication barriers and take over an account. Authentication methods where the user is not actively involved could help prevent this, such as cryptographic authentication using passkeys or SIM-based silent mobile authentication. Passkeys (FIDO2/WebAuthn) are bound to the origin they were registered for, so a look-alike domain cannot obtain a valid assertion from the authenticator; there is simply nothing for the user to type into the wrong site.
  2. Invisible Contextual Data: Use trusted data to validate the user’s context. For example, mobile operator data can reveal a recent change to the mobile device or SIM (as happens in a SIM swap), or that the user is currently on a call and may therefore be under a scammer’s influence, while sensors in the mobile device could indicate the user’s emotional state.
  3. AI-Based Message Analysis: Analyse messages sent to users using trained ML models to identify the intention, expected action and emotional sensitivity of the message.
  4. Synthetic Message Detection: Use trained ML models to detect synthetic messages—that is, messages generated by LLMs—and flag them before they reach the user.
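
The third approach, analysing a message for its intention, requested action and emotional charge, can be prototyped without a trained model. The block below is an added example, not the article’s or Sekura’s code, and it stands in for the ML classifier with hand-written cue lists keyed to the influence principles discussed earlier. The cue patterns, the scoring thresholds and the sample messages are all constructed for the demo; a production system would learn these from labelled data rather than from a regex table.

```python
"""Rule-based message analysis keyed to the influence principles above.

Added example, not code from the article. The cue lists, the scoring rule and
the sample messages are constructed assumptions that stand in for the trained
ML model the article proposes.
"""
import re

# Which influence principle a phrase suggests. Constructed, not exhaustive.
CUES = {
    "authority": [r"\b(ceo|chief executive|hmrc|tax office|irs|your bank|it department|police)\b"],
    "scarcity": [r"\b(within \d+ (hours?|minutes?)|expires? (today|tonight|in)|immediately|last chance|final notice|urgent(ly)?)\b"],
    "social_proof": [r"\b(\d[\d,]* (people|customers|users) (have|already)|everyone (else )?has)\b"],
    "reciprocation": [r"\b(free (gift|voucher)|we'?ve credited|as a thank[- ]you|reward)\b"],
    "liking": [r"\b(saw your post|congrats on|loved your)\b"],
    "commitment": [r"\b(as you agreed|you (signed up|committed) to|your goal)\b"],
}

# The action the message wants the reader to take.
ACTIONS = {
    "click_link": r"https?://\S+|\bclick (here|the link)\b",
    "scan_qr": r"\bscan (the|this) (qr|code)\b",
    "share_credentials": r"\b(password|passcode|one[- ]time code|otp|pin)\b",
    "send_money": r"\b(gift cards?|wire|transfer \d|bitcoin)\b",
}

# Words chosen to provoke the fight-or-flight response.
EMOTION_WORDS = {"suspended", "locked", "unauthorised", "unauthorized", "fraud",
                 "penalty", "arrest", "lose", "warning", "suspicious"}

# Constructed sample messages (not real phishing samples).
SAMPLES = {
    "ceo": "URGENT: This is your CEO. Our account will be suspended unless you "
           "buy 5 gift cards within 2 hours and send me the codes.",
    "tax": "Your HMRC tax refund of £342 is ready. Claim it within 24 hours at "
           "http://hmrc-refund-claim.example or it expires.",
    "qr": "Congrats on the new role! Loved your post about the marathon. Everyone "
          "else has already signed the team card, scan this QR code to add your name.",
    "benign": "Hi team, here are the notes from this morning's stand-up. "
              "Let me know if I missed anything.",
}


def analyse(message: str) -> dict:
    """Tag the principles, requested actions and emotional cues in a message.

    The risk rule is a constructed heuristic: a message that leans on several
    principles and asks for an action is the shape of an amygdala hijack.
    """
    text = message.lower()
    principles = [p for p, pats in CUES.items() if any(re.search(r, text) for r in pats)]
    actions = [a for a, pat in ACTIONS.items() if re.search(pat, text)]
    emotion = sorted(w for w in EMOTION_WORDS if re.search(r"\b" + w + r"\b", text))
    score = len(principles) + len(actions) + min(len(emotion), 2)
    if score >= 4 or (actions and score >= 3):
        risk = "high"
    elif score >= 2:
        risk = "medium"
    else:
        risk = "low"
    return {"principles": principles, "actions": actions, "emotion": emotion,
            "score": score, "risk": risk}


if __name__ == "__main__":
    for name, msg in SAMPLES.items():
        print(name, analyse(msg))
```

The useful output is not the score alone but the tags: a gateway can hold a message that combines an authority claim, a deadline and a money or credential request, and show the user which lever is being pulled, which is the moment the rational brain gets back into the loop.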

In short, humanising technology means considering how users may respond to specific messages and attacks, making the security elements invisible for the user and the digital world safer from phishing. As Steve Jobs is credited with saying, “Technology should either be beautiful, or it should be invisible.”

Gautam Hazari is Sekura’s Chief Technology Officer and a mobile identity specialist. He and his team have built the Sekura API Framework (SAFr), a platform that connects in real time to mobile operators so that enterprises can build trust in their customers, prevent fraud and create better logins.