Sort:  

Phishing with AI is just evil

So the AI profiles the contact list, looking to maximize the highest likelihood of propagation? Or something to that effect? Seems like something a whitehat AI could also implement to predict vulnerabilities.

Better yet, a whitehat AI could create honeypot victims in the contact list, just for the blackhat AI to find. In a time-domain of milliseconds, those contacts would be shown to the blackhat AI and filtered away for humans. This would cause the blackhat AI to either risk falling into a honeypot or slow down to human time-domains.

The AI system looks at the recent emails from the victim to identify a good conversation to hijack. Then it Reply's to the new target with content that is malicious, to initiate credential theft.

It is not just harvesting contact lists, but rather looking for active email conversations. Pretty smart!