Business Email Compromise (BEC) is a sophisticated social engineering threat that manipulates organizational hierarchies, leading to significant financial damage. According to the 2024 FBI Internet Crime Report, BEC accounts for over $2.9 billion in annual losses, presenting a massive economic asymmetry: the financial cost of a False Negative (fraud loss) exceeds the operational cost of a False Positive (manual review) by a ratio of approximately 5,480:1. This paper contrasts two detection paradigms: a Forensic Psycholinguistic Stream (CatBoost), which analyzes linguistic cues like urgency and authority with high interpretability, and a Semantic Stream (DistilBERT), which utilizes deep learning for contextual understanding. We evaluated both streams on a hybrid dataset (N=7,990) containing human-legitimate and AI-synthesized adversarial fraud. Benchmarked on Tesla T4 infrastructure, DistilBERT achieved near-perfect detection on synthetic threats (AUC >0.99, F1 =0.998) with acceptable real-time latency (7.4 ms). CatBoost achieved competitive detection (AUC =0.991, F1 =0.949) at 8.4x lower latency (0.8 ms) with negligible resource consumption. We conclude that while DistilBERT offers maximum accuracy for GPU-equipped organizations, CatBoost provides a viable, cost-effective alternative for edge deployments. Both approaches demonstrate a theoretical ROI exceeding 99.9% when optimized via cost-sensitive learning.
翻译:商业电邮诈骗(BEC)是一种利用组织层级结构进行操纵的复杂社会工程威胁,可造成重大财务损失。根据2024年FBI互联网犯罪报告,BEC每年导致超过29亿美元损失,呈现出巨大的经济不对称性:漏报(欺诈损失)的财务成本超出误报(人工审核)运营成本的比例约为5,480:1。本文对比两种检测范式:取证心理语言学流(CatBoost)通过分析紧迫性、权威性等高可解释性语言特征,以及语义流(DistilBERT)利用深度学习进行上下文理解。我们在包含人工合法邮件与AI合成对抗欺诈的混合数据集(N=7,990)上评估了两种范式。基于Tesla T4基础设施的基准测试显示,DistilBERT对合成威胁实现了近乎完美的检测(AUC >0.99, F1 =0.998),实时延迟可接受(7.4毫秒);CatBoost以降低8.4倍的延迟(0.8毫秒)和可忽略的资源消耗实现了竞争性检测(AUC =0.991, F1 =0.949)。我们的结论是:虽然DistilBERT为配备GPU的组织提供了最高精度,但CatBoost为边缘部署提供了可行且具成本效益的替代方案。两种方法通过成本敏感学习优化后,均展现出超过99.9%的理论投资回报率。
微信扫码咨询专知VIP会员