Phishing has long been a staple of cybercrime, historically betrayed by clumsy spells, suspicious URLs and inadequate formats. But today the rules have changed. What once required technical knowledge, time and effort can easily be done by virtually anyone.
Thanks to simple access to generative AI, automation and malicious toolkits, barriers to cybercrime invasion are rapidly collapsing. Phishing emails are now persuasive, branded and often over-personalized. DeepFake audio and video tools allow you to impersonate trustworthy individuals in real time.
Even entry-level attackers can now deploy high-quality campaigns that look and sound legitimately. Ironically, spelling errors may be the only clue that messages have been created by real humans rather than AI.
You might like it
Meanwhile, throughout the business world, defender interests are rising rapidly. As multi-channel attacks grow in scale and refinement, even experienced employees are at the expense of them. In this new landscape, the cost of omission is not just a data breach, but operational disruption, economic loss, and permanent reputational damage. Discover how advances in technology such as AI can expand the talent pool of threat actors.
Opentext Cybersecurity’s Senior Principal Solutions Consultant.
Social engineering is now scalable
Phishing may be evolving, but it still lies on the same psychological tricks of urgency, trust and fear. However, if fraud was once common and mass-distributed, AI now allows attackers to tune them at scale. result? Spear phishing spear phishing – Targeted messages created in context to deceive a particular individual.
According to the Opentext 2025 Cybersecurity Threat Report, November 2024 saw the highest spear percentage to date, accounting for 56.56% of all fishing activities. Attackers no longer have to choose volume and precision. You can make the most of both worlds. And as users are increasingly conditioned to trust their branded platforms, phishing emails delivered via Google Docs or Amazon AWS (“Living Off the Land” technique) are sliding past defenses that are not checked.
The democratization of this tool means cybercrime no longer requires deep expertise. Just access the right AI tools and some stolen credentials. This is a worrying trend for businesses that rely on traditional training to build user awareness. Maintaining PACE means constantly updating your training to reflect new tactics, especially those blending email, SMS, audio and video across the channel.
AI and Automation, Cybercrime’s Force Multiplier
The rise in generated AI has redefine the threat of phishing. Not only is the message more persuasive, it’s faster to build campaigns, harder to detect, and significantly more dangerous. Deepfake, once a territory of state actors, is now available to anyone with an internet connection.
This sharp rise in the refinement of attacks is reflected in the infection trend. In 2024, business PC malware infections jumped again from 1.86% to 2.39%, the most sharp increase since 2020. For consumers, 56% is even higher.
Attackers are increasingly using .ZIP files as a delivery mechanism. Currently, it is the most popular format for malware-containing attachments, accounting for 53% of the total. Their perceived legitimacy, combined with password protection (often often provided via email), creates a storm of complete trust and risk.
Not only does AI improve the quality of phishing, it also removes the learning curve. That’s what makes today’s threat environment fundamentally different from two years ago.
To counter this, organizations need to fight fire with fire. Deploy AI-enabled security tools that learn and adapt as quickly as attackers’ methods evolve.
From your inbox to your checkout
Phishing is no longer limited to your email inbox. The attackers have expanded into ecommerce, financial platforms and cryptocurrency ecosystems. Users are digitally engaged and make decisions quickly.
During busy shopping periods, scammers launch fake order confirmations and spoofed storefronts to steal payment details. Fraudulent investment schemes targeting decentralized finance and crypto wallets are also on the rise, often designed with the same social engineering techniques found in traditional phishing.
The Opentext report points out that phishing attacks are becoming more conscious, with over 235 million malware emails being quarantined in 2024. ZIP attachments dominate because of the effects of user skepticism and the ability to hide malicious content in security guises. This shift highlights important points. Phishing is no longer just about access — it’s about fraud, economic theft and long-term compromise. The digital trust model that underpins modern commerce has been weaponized.
Cybersecurity strategies need to span customer journeys, supply chains, and transaction flows, as well as internal email systems.
from now on
Phishing has evolved into a democratized AI-powered weapon used by threat actors of all skill levels to misuse human trust and unlock IT infrastructure. The tool is widely available, the learning curve is shrinking, increasing the outcome of one successful attack.
This new era requires a new way of thinking. Defensive efforts must move from reactive to aggressive, combining real-time threat detection with intelligent automation and ongoing user education. Our data shows that companies using layered defenses such as endpoints and DNS protections experience 19.4% less infections than those rely solely on endpoint security.
In short, cyber resilience is no longer just a competitive advantage – it is essential for survival.
Business leaders must act now. Audit digital defense, modernize detection tools, and facilitate cyber recognition and response preparation at all levels. This is because if an attacker can operate with minimal effort, organizations need to respond with the utmost intention.
List the best online cybersecurity courses.
This article was produced as part of TechRadarpro’s Expert Insights Channel. Here we present the best and brightest minds in the tech industry today. The views expressed here are those of the authors and are not necessarily those of Techradarpro or Future PLC. If you’re interested in contributing, please visit: https://www.techradar.com/news/submit-your-story-to-techradar-pro
