AI-driven NACE™ reveals 93% of evasive attacks bypass traditional defenses—explaining how these threats continue to reach employee inboxes

Inception Cyber, the inventors of Intent-Based Threat Prevention, announced new findings from real-world deployments of its Neural Analysis and Correlation Engine (NACE™) platform. An analysis of millions of emails across software development, manufacturing, services and large financial segments revealed that 1 in every 50 employees encountered an evasive email threat—despite existing enterprise security solutions including native security provided by cloud email providers, Secure Email Gateways (SEGs), and Integrated Cloud Email Security services (ICES).

Most notably, 93% of malicious attachments identified by NACE™ were missed by 96% of security engines on VirusTotal, underscoring the blind spots in traditional detection approaches.

These findings follow Inception Cyber’s recent public launch and $3.1M seed funding round led by Neotribe Ventures. As generative AI empowers attackers to scale, personalize, and rapidly vary phishing, ransomware, and BEC campaigns, the detection gap between legacy tools and modern threats is widening.

Cyber Technology Insights : Torq Acquires Stealth AI Startup and Adds Advanced Multi-Agent RAG Capabilities

“The threat landscape has fundamentally changed and evasive attacks are no longer edge cases—they’re the norm,” said Bill Mann, CEO and co-founder of Inception Cyber. “AI is transforming cyber threats across three dimensions—scale, precision, and variance—each one making attacks more dangerous and harder to detect. This doesn’t just mean more attacks. It means we need to prepare for better attacks—built to bypass legacy defenses and exploit human trust.”

Real-World Findings from NACE™ Deployment

Inception Cyber analyzed millions of emails across software development, manufacturing, services and large financial segments all of which were using native security from email providers, Secure Email Gateways and ICES tools. The findings highlight the massive change in attack tactics and sophistication demonstrated by human threat actors and AI.

“Current attacks are inherently evasive by design,” says Abhishek Singh, founder and CTO of Inception Cyber. “NACE™ employs a first-principles approach to detect evasive phishing URLs and malicious attachments without relying on payloads or landing pages, whether generated by threat actors or AI. By understanding the deeper meaning—intent of emails—and using it as a core feature, NACE™ overcomes the limitations of current technologies, enabling the detection of phishing, malicious attachments without malicious payloads, and BEC without the need for human behavior analysis.”

Cyber Technology Insights : Entrust Announces Industry’s First Unified Cryptographic Security Platform

FINDING #1: 1 in every 50 employees encountered an evasive email threat per month—even with existing email security tools in place.

These advanced threats slip past existing defenses by combining clever evasion techniques with the power of generative AI.

  • AI-generated emails with flawless language and tone
  • Links to legitimate domains and CAPTCHAs to appear safe
  • No links or obvious attachments, bypassing training and detection
  • Impersonation of non-VIPs such as vendors, customers, support, and sales—not just executives
  • Highly targeted phishing attacks specifically crafted for each target, using correct corporate branding and legitimate business details relevant to each recipient

FINDING #2: BEC Impersonation Trends: External Identities Now the Primary Target

Findings show that evasive BEC attacks are increasingly focused on impersonating external identities—such as vendors and customers—rather than just internal executives.

  • 32% impersonated vendors (the most common vector)
  • 15% impersonated customers
  • 22% impersonated non-executive employees
  • 20% impersonated executives

These findings challenge the conventional assumption that BEC primarily targets executives. Threat actors are shifting tactics—mimicking trusted third parties and rank-and-file employees to bypass both legacy security tools and employee training.

Cyber Technology Insights : New Paubox Report Reveals 60 Percent of Healthcare Orgs Admit Email Security Failure

FINDING #3 – Detection Performance: What Others Missed

Inception Cyber’s NACE™ platform caught evasive phishing and malicious attachments that went undetected by all other technologies.

  • 93% of SVG/HTML malicious attachments missed by 96% of AV engines in VirusTotal
  • 95% of phishing URLs missed by 98% of VirusTotal scanners

FINDING #4 – Attackers Hide Behind Multi-Stage Redirects and Legitimate CAPTCHAs to Evade Detection

Threat actors are increasingly using multi-step evasion sequences to bypass email security tools. One of the most common methods: hiding phishing pages behind legitimate CAPTCHA, services (such as Cloudflare). These CAPTCHAs are designed to stop bots—but attackers now use them to block automated scanners and sandboxes from reaching the final phishing page.

Because the actual malicious content is only revealed after a human solves the CAPTCHA, traditional detection tools are blind to the threat—letting it slip through to the user.

Evasion Sequences Observed:

  • SVG → Compromised Redirector → CAPTCHA → Phishing Page
  • HTM → Obfuscated JS → Redirector → CAPTCHA → Phishing Page
  • DOCX → QR Code → Redirector → CAPTCHA → Phishing Page

Cyber Technology Insights : Lynch Carpenter Investigates Claims in Blue Shield of California Data Breach

To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com

Source – businesswire