Emergence and Impact of AI-Enabled Cyberattacks and Social Engineering
Artificial intelligence is rapidly transforming the cyber threat landscape, with both financially motivated and nation-state actors leveraging AI to enhance the effectiveness and profitability of their attacks. According to Microsoft's Digital Defense Report 2025, phishing emails generated with AI are 4.5 times more likely to deceive recipients, achieving a 54% click-through rate compared to 12% for traditional phishing, and making phishing scams up to 50 times more profitable. Attackers are increasingly using AI not only to craft convincing phishing messages but also to automate multi-stage attack chains, including voice cloning and deepfake videos, which are being adopted by nation-state actors. The report highlights that AI contributed to the rise of ClickFix, which has become the most common initial access vector, accounting for 47% of attacks, surpassing phishing at 35%. Financially motivated operations now represent 52% of all known attacks, while only 4% are tied to espionage, indicating a shift in attacker priorities. Microsoft emphasizes that attackers are now 'logging in, not breaking in,' using AI-enhanced social engineering to compromise accounts through legitimate platforms. In the financial services sector, experts stress the need for robust prevention, detection, and response cycles, and recommend setting strict guardrails before deploying AI tools at scale. The distinction between AI models and AI agents is crucial, as the latter require more oversight due to their autonomous capabilities. Cloud misconfigurations remain a significant risk, underscoring the importance of security-first design in an era of AI-driven threats. The next 12–24 months are expected to see identity attacks, supply chain compromises, and AI-enabled adversaries as the dominant threats to financial institutions. Meanwhile, Chinese state-aligned threat actors have begun experimenting with AI-optimized attack chains, such as using ChatGPT and DeepSeek to generate phishing emails and enhance backdoor malware. However, early results suggest that the effectiveness of AI in the hands of less skilled actors may be limited, as demonstrated by the poor quality of phishing emails produced by the group known as DropPitch. Despite these shortcomings, the trend toward AI-driven cyberattacks is clear, and organizations are urged to adapt their defenses accordingly. The growing sophistication and accessibility of AI tools are expected to incentivize more threat actors to incorporate AI into their operations, raising the stakes for defenders across all sectors. Security leaders are advised to focus on collaboration, intelligence sharing, and continuous improvement of cyber resilience strategies to counter the evolving threat landscape. The convergence of AI with traditional attack vectors is reshaping the priorities and tactics of both attackers and defenders, making AI security a top concern for CISOs and security teams worldwide.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
1 event from the most recent confirmed update back to the earliest known activity.
Reports highlight AI-enabled cyber threats in October 2025
By mid-October 2025, multiple security reports and articles highlighted AI's growing role in cyber operations, including China-linked attack-chain testing in Taiwan, improved phishing effectiveness and profitability from AI-generated emails, and AI-related risks affecting financial services.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
3 references tracked. Mallory keeps watching after this page renders.
Report: Higher phishing success, profitability seen with AI emails
scworld.com
Open sourceThree Threats Reshaping Financial Services: Identity, Supply Chain, and AI
securitysenses.com
Open sourceChina Hackers Test AI-Optimized Attack Chains in Taiwan
darkreading.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Escalation of AI-Powered Cyberattacks and Social Engineering Threats
Cybersecurity experts and industry reports warn of a significant increase in cyberattacks leveraging artificial intelligence, with a particular focus on social engineering, impersonation, and ransomware. According to Google Cloud Security's Cybersecurity Forecast 2026, threat actors are expected to adopt AI to enhance the speed, scale, and sophistication of attacks, including prompt injection and the use of shadow AI agents. The Verizon Mobile Security Index and Data Breach Investigations Report highlight that human error remains the leading contributor to breaches, with 60% of confirmed incidents involving a human element. AI is also making social engineering attacks, such as smishing and executive impersonation, more effective and harder to detect, especially on mobile devices. Organizations are increasingly concerned about the risks posed by AI-powered attacks, with 34% fearing greater exposure due to AI's sophistication and 38% anticipating more dangerous ransomware. Experts recommend multi-layered defense strategies, improved AI security governance, and the adoption of AI-powered security awareness training to counteract these evolving threats. The convergence of AI-driven offensive tactics and defensive measures underscores the urgent need for CISOs to address both the opportunities and risks presented by AI in cybersecurity operations.
Mar 21, 2026
AI-Driven Financial Fraud and Phishing Campaigns Targeting Financial Services
Financial services organizations are facing a surge in sophisticated fraud attempts enabled by artificial intelligence, as threat actors leverage AI tools to automate and scale their attacks. Recent reports highlight that AI is being used to craft highly convincing phishing emails and social engineering campaigns, making it increasingly difficult for traditional security measures to detect malicious activity. Attackers are utilizing generative AI to personalize messages, mimic legitimate communications, and evade standard email filters, thereby increasing the success rate of phishing attempts. In response, financial institutions are adopting advanced AI-powered security solutions designed to identify and block these next-generation threats. These defensive tools analyze behavioral patterns, detect anomalies, and adapt to evolving attack techniques, providing a dynamic shield against AI-driven fraud. The deployment of agentic AI systems allows organizations to automate threat detection and response, reducing the window of opportunity for attackers. Security teams are also leveraging machine learning to monitor transaction patterns and flag suspicious activities in real time, helping to prevent unauthorized transfers and account takeovers. The integration of AI into both offensive and defensive cyber operations marks a significant escalation in the financial fraud landscape. Experts warn that as AI technology becomes more accessible, the volume and complexity of attacks will continue to rise, necessitating ongoing investment in AI-based defenses. Training and awareness programs are being updated to educate employees about the risks posed by AI-generated phishing and social engineering. Regulatory bodies are also beginning to issue guidance on the ethical use of AI in financial services, emphasizing the need for transparency and accountability. Collaboration between industry stakeholders is increasing, with information sharing initiatives aimed at identifying emerging AI-driven threats. The rapid evolution of AI capabilities underscores the importance of proactive security strategies and continuous monitoring. Financial organizations are urged to assess their current defenses and consider the adoption of agentic AI tools to stay ahead of adversaries. The convergence of AI in both attack and defense highlights a new era in cybersecurity, where automation and intelligence are central to both risk and resilience. As the threat landscape evolves, the ability to rapidly detect and respond to AI-enabled fraud will be a key differentiator for secure financial operations.
Mar 21, 2026
AI-Enhanced Phishing Campaigns and Modern Social Engineering Tactics
Cybercriminals are increasingly leveraging artificial intelligence and advanced social engineering techniques to conduct sophisticated phishing campaigns targeting both individuals and organizations. Recent reports highlight a surge in phishing attacks that utilize AI and machine learning to craft highly personalized and convincing lures, making detection more challenging for traditional security tools. Attackers are now able to scrape social media for personal data, generate emails in a target’s native language, and automate the creation of malicious content, all with minimal effort. One notable campaign tracked since February targets social media and marketing professionals by impersonating well-known brands such as Tesla, Red Bull, and Ferrari, enticing victims to upload resumes under the guise of job opportunities. These emails employ subtle psychological tactics, such as reducing urgency to build trust, and use multi-step processes to create an illusion of legitimacy. Another observed campaign used AI to obfuscate malicious payloads within SVG files, making them harder for security filters to detect. In this case, attackers sent phishing emails from compromised small business accounts, posing as file-sharing notifications, and used self-addressed email tactics to bypass basic detection heuristics. If recipients opened the attached file, they were redirected to credential-stealing websites. Microsoft researchers noted that the complexity and structure of the malicious code suggested it was generated by a large language model, rather than written by a human. The adoption of AI by threat actors is part of a broader trend, with both defenders and attackers racing to outpace each other in the use of transformative technologies. Security experts emphasize the importance of a layered defense, recommending strong passwords, multi-factor authentication, regular software updates, and ongoing user training to identify and report suspicious content. The rise of AI-driven phishing has increased the frequency and sophistication of attacks, with some security centers now detecting a malicious email every 42 seconds. Organizations are urged to remain vigilant, as even basic threat actors can now execute complex attacks with the help of AI tools. The evolving threat landscape underscores the need for proactive monitoring, rapid incident response, and continuous education to mitigate the risks posed by these advanced phishing campaigns. As attackers continue to refine their methods, defenders must adapt by leveraging AI for detection and response, and by fostering a security-aware culture among users. The convergence of AI and phishing represents a significant escalation in cyber risk, demanding heightened attention from both technical and non-technical stakeholders.
Mar 21, 2026