AI-Enhanced Phishing Campaigns and Modern Social Engineering Tactics
Cybercriminals are increasingly leveraging artificial intelligence and advanced social engineering techniques to conduct sophisticated phishing campaigns targeting both individuals and organizations. Recent reports highlight a surge in phishing attacks that utilize AI and machine learning to craft highly personalized and convincing lures, making detection more challenging for traditional security tools. Attackers are now able to scrape social media for personal data, generate emails in a target’s native language, and automate the creation of malicious content, all with minimal effort. One notable campaign tracked since February targets social media and marketing professionals by impersonating well-known brands such as Tesla, Red Bull, and Ferrari, enticing victims to upload resumes under the guise of job opportunities. These emails employ subtle psychological tactics, such as reducing urgency to build trust, and use multi-step processes to create an illusion of legitimacy. Another observed campaign used AI to obfuscate malicious payloads within SVG files, making them harder for security filters to detect. In this case, attackers sent phishing emails from compromised small business accounts, posing as file-sharing notifications, and used self-addressed email tactics to bypass basic detection heuristics. If recipients opened the attached file, they were redirected to credential-stealing websites. Microsoft researchers noted that the complexity and structure of the malicious code suggested it was generated by a large language model, rather than written by a human. The adoption of AI by threat actors is part of a broader trend, with both defenders and attackers racing to outpace each other in the use of transformative technologies. Security experts emphasize the importance of a layered defense, recommending strong passwords, multi-factor authentication, regular software updates, and ongoing user training to identify and report suspicious content. The rise of AI-driven phishing has increased the frequency and sophistication of attacks, with some security centers now detecting a malicious email every 42 seconds. Organizations are urged to remain vigilant, as even basic threat actors can now execute complex attacks with the help of AI tools. The evolving threat landscape underscores the need for proactive monitoring, rapid incident response, and continuous education to mitigate the risks posed by these advanced phishing campaigns. As attackers continue to refine their methods, defenders must adapt by leveraging AI for detection and response, and by fostering a security-aware culture among users. The convergence of AI and phishing represents a significant escalation in cyber risk, demanding heightened attention from both technical and non-technical stakeholders.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
Job-themed spear-phishing targets influencers with Tesla and Red Bull lures
Dark Reading reported a spear-phishing campaign aimed at influencers, using fake job opportunities tied to brands such as Tesla and Red Bull as lures. The campaign was disclosed as active at the time of publication.
AI-assisted phishing campaign using evasive techniques is reported
KnowBe4 reported a phishing campaign that used AI tools to help craft messages and evade detection. The reference indicates the campaign was active by the time of publication, but provides no earlier specific event date.
Sources
3 references tracked. Mallory keeps watching after this page renders.
Cybersecurity Awareness Month - 4 Key Tactics to Prevent Phishing
cofense.com
Open sourceCalling All Influencers: Spear-Phishers Dangle Tesla, Red Bull Jobs
darkreading.com
Open sourceNew Phishing Campaign Uses AI Tools to Evade Detection
blog.knowbe4.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
AI-Driven Phishing and Social Engineering Threats Escalate in Europe and Beyond
Phishing remains the dominant initial access vector for cyberattacks across Europe, accounting for 60% of incidents between July 2024 and June 2025, as reported by the European Union Agency for Cybersecurity (ENISA). The proliferation of Phishing-as-a-Service (PhaaS) platforms, such as Whisper 2FA, has enabled attackers to automate and scale their operations, targeting a wide range of brands including Microsoft 365, Adobe, and DocuSign. These kits now incorporate advanced features like AJAX-based real-time credential and multi-factor authentication code capture, dense encoding, anti-debugging, and browser freezing to evade detection and analysis. ENISA highlights that AI tools have fundamentally reshaped the threat landscape, with large language models (LLMs) being leveraged to enhance phishing campaigns and automate social engineering, resulting in AI-supported phishing representing over 80% of observed social engineering activity worldwide by early 2025. The report also notes a significant rise in attacks targeting the AI supply chain, with adversaries corrupting components used in AI development and deployment. The sophistication of phishing attacks is further demonstrated by the integration of AI-generated lures, deepfakes, and synthetic media, which are increasingly used in vishing, impersonation, and fraud schemes. The use of AI has not only increased the volume and success rate of phishing campaigns but has also introduced new risks, as AI systems themselves become targets for exploitation. Supply chain attacks have intensified, with threat actors abusing critical digital dependencies to maximize impact, often by targeting customers of compromised organizations. The evolution of phishing tactics is also evident in the widespread adoption of clickbait scams, which use sensationalized headlines and engaging visuals to lure victims into revealing sensitive information or installing malware. Despite increased awareness and training, organizations continue to struggle with the effectiveness of phishing prevention, as attackers adapt their methods to bypass traditional defenses. The ENISA Threat Landscape 2025 report underscores the urgent need for organizations to update their security frameworks, enhance identity and access management, and adopt advanced detection and response strategies to counter the growing threat posed by AI-driven phishing and social engineering attacks. The convergence of AI, automation, and supply chain vulnerabilities has created a complex and rapidly evolving threat environment that demands continuous vigilance and innovation in cybersecurity practices.
Mar 21, 2026
AI-Driven Phishing and Social Engineering Threats in 2025-2026
Security researchers and industry experts are warning of a dramatic escalation in phishing and social engineering attacks, driven by the adoption of AI by both attackers and defenders. Reports highlight that threat actors are leveraging AI to craft highly targeted, convincing phishing emails, automate attack campaigns, and reduce the time from initial compromise to full breach to under an hour. Human Resources-themed phishing, especially termination and compensation adjustment lures, have surged in Q3 and Q4, exploiting employee trust and urgency. Security teams are urged to maintain a human-in-the-loop approach, as over-reliance on AI for detection can create blind spots, and context-driven analysis is now essential to counter increasingly sophisticated tactics. Technical research and incident analysis reveal that attackers are using a variety of new techniques, including voicemail lures, open redirects, and legitimate hosting platforms to bypass traditional email security controls. The rise of mobile device attacks, supply chain threats via malicious apps, and the use of AI prompt injection in CI/CD pipelines further expand the attack surface. Experts recommend organizations strengthen mobile security, enrich detection with threat intelligence, and ensure skilled analysts remain involved in incident response to keep pace with the evolving threat landscape.
Mar 21, 2026
AI-Enhanced Social Engineering Threats and Defensive Strategies
Artificial intelligence is significantly amplifying the effectiveness and scale of social engineering attacks, particularly phishing and business email compromise (BEC). Reports indicate a 1,200% global surge in phishing attacks since the advent of generative AI, with AI-powered spear phishing achieving a 47% success rate even against trained security professionals. Organizations are increasingly concerned about AI-driven threats, with recent surveys showing that artificial intelligence has overtaken ransomware as the top concern for security leaders. AI enables attackers to craft highly personalized, error-free phishing messages and adapt in real time to targets' responses, making traditional detection methods less effective. The financial impact is substantial, with BEC attacks costing organizations $2.77 billion in 2024 alone. Security experts emphasize the need for organizations to understand and adapt to these evolving threats. Defensive strategies include raising awareness of AI-enhanced attack techniques, implementing advanced email filtering, and fostering a culture of vigilance among employees. While AI is a powerful tool for attackers, it is also being leveraged by defenders to automate detection and response, highlighting the importance of continuous adaptation in cybersecurity practices. The landscape is rapidly shifting, and organizations must prioritize proactive measures to mitigate the risks posed by AI-driven social engineering campaigns.
Mar 21, 2026