Escalation of AI-Powered Cyberattacks and Social Engineering Threats
Cybersecurity experts and industry reports warn of a significant increase in cyberattacks leveraging artificial intelligence, with a particular focus on social engineering, impersonation, and ransomware. According to Google Cloud Security's Cybersecurity Forecast 2026, threat actors are expected to adopt AI to enhance the speed, scale, and sophistication of attacks, including prompt injection and the use of shadow AI agents. The Verizon Mobile Security Index and Data Breach Investigations Report highlight that human error remains the leading contributor to breaches, with 60% of confirmed incidents involving a human element. AI is also making social engineering attacks, such as smishing and executive impersonation, more effective and harder to detect, especially on mobile devices.
Organizations are increasingly concerned about the risks posed by AI-powered attacks, with 34% fearing greater exposure due to AI's sophistication and 38% anticipating more dangerous ransomware. Experts recommend multi-layered defense strategies, improved AI security governance, and the adoption of AI-powered security awareness training to counteract these evolving threats. The convergence of AI-driven offensive tactics and defensive measures underscores the urgent need for CISOs to address both the opportunities and risks presented by AI in cybersecurity operations.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
Reports warn of rising AI-powered cyberattacks and extortion
SC Media and KnowBe4 published reports warning that AI-powered cyberattacks and AI-driven extortion are expected to increase in the coming year. As no specific study release date or prior event date is given, the publication date is used.
Security reports warn human error remains a leading attack factor
A KnowBe4 blog post reported that human error continues to be a major contributor to cyberattacks. The reference provides no underlying incident date, so the publication date is used as the event date.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
3 references tracked. Mallory keeps watching after this page renders.
Human Error is Still a Top Contributor to Cyberattacks
blog.knowbe4.com
Open sourceUpswing in AI-powered cyberattacks, extortion expected next year
scworld.com
Open sourceNew Study Warns of AI-Driven Extortion Attacks
blog.knowbe4.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Emergence and Impact of AI-Enabled Cyberattacks and Social Engineering
Artificial intelligence is rapidly transforming the cyber threat landscape, with both financially motivated and nation-state actors leveraging AI to enhance the effectiveness and profitability of their attacks. According to Microsoft's Digital Defense Report 2025, phishing emails generated with AI are 4.5 times more likely to deceive recipients, achieving a 54% click-through rate compared to 12% for traditional phishing, and making phishing scams up to 50 times more profitable. Attackers are increasingly using AI not only to craft convincing phishing messages but also to automate multi-stage attack chains, including voice cloning and deepfake videos, which are being adopted by nation-state actors. The report highlights that AI contributed to the rise of ClickFix, which has become the most common initial access vector, accounting for 47% of attacks, surpassing phishing at 35%. Financially motivated operations now represent 52% of all known attacks, while only 4% are tied to espionage, indicating a shift in attacker priorities. Microsoft emphasizes that attackers are now 'logging in, not breaking in,' using AI-enhanced social engineering to compromise accounts through legitimate platforms. In the financial services sector, experts stress the need for robust prevention, detection, and response cycles, and recommend setting strict guardrails before deploying AI tools at scale. The distinction between AI models and AI agents is crucial, as the latter require more oversight due to their autonomous capabilities. Cloud misconfigurations remain a significant risk, underscoring the importance of security-first design in an era of AI-driven threats. The next 12–24 months are expected to see identity attacks, supply chain compromises, and AI-enabled adversaries as the dominant threats to financial institutions. Meanwhile, Chinese state-aligned threat actors have begun experimenting with AI-optimized attack chains, such as using ChatGPT and DeepSeek to generate phishing emails and enhance backdoor malware. However, early results suggest that the effectiveness of AI in the hands of less skilled actors may be limited, as demonstrated by the poor quality of phishing emails produced by the group known as DropPitch. Despite these shortcomings, the trend toward AI-driven cyberattacks is clear, and organizations are urged to adapt their defenses accordingly. The growing sophistication and accessibility of AI tools are expected to incentivize more threat actors to incorporate AI into their operations, raising the stakes for defenders across all sectors. Security leaders are advised to focus on collaboration, intelligence sharing, and continuous improvement of cyber resilience strategies to counter the evolving threat landscape. The convergence of AI with traditional attack vectors is reshaping the priorities and tactics of both attackers and defenders, making AI security a top concern for CISOs and security teams worldwide.
Mar 21, 2026
AI-Enhanced Social Engineering Threats and Defensive Strategies
Artificial intelligence is significantly amplifying the effectiveness and scale of social engineering attacks, particularly phishing and business email compromise (BEC). Reports indicate a 1,200% global surge in phishing attacks since the advent of generative AI, with AI-powered spear phishing achieving a 47% success rate even against trained security professionals. Organizations are increasingly concerned about AI-driven threats, with recent surveys showing that artificial intelligence has overtaken ransomware as the top concern for security leaders. AI enables attackers to craft highly personalized, error-free phishing messages and adapt in real time to targets' responses, making traditional detection methods less effective. The financial impact is substantial, with BEC attacks costing organizations $2.77 billion in 2024 alone. Security experts emphasize the need for organizations to understand and adapt to these evolving threats. Defensive strategies include raising awareness of AI-enhanced attack techniques, implementing advanced email filtering, and fostering a culture of vigilance among employees. While AI is a powerful tool for attackers, it is also being leveraged by defenders to automate detection and response, highlighting the importance of continuous adaptation in cybersecurity practices. The landscape is rapidly shifting, and organizations must prioritize proactive measures to mitigate the risks posed by AI-driven social engineering campaigns.
Mar 21, 2026
AI-Driven Phishing and Social Engineering Threats in 2025-2026
Security researchers and industry experts are warning of a dramatic escalation in phishing and social engineering attacks, driven by the adoption of AI by both attackers and defenders. Reports highlight that threat actors are leveraging AI to craft highly targeted, convincing phishing emails, automate attack campaigns, and reduce the time from initial compromise to full breach to under an hour. Human Resources-themed phishing, especially termination and compensation adjustment lures, have surged in Q3 and Q4, exploiting employee trust and urgency. Security teams are urged to maintain a human-in-the-loop approach, as over-reliance on AI for detection can create blind spots, and context-driven analysis is now essential to counter increasingly sophisticated tactics. Technical research and incident analysis reveal that attackers are using a variety of new techniques, including voicemail lures, open redirects, and legitimate hosting platforms to bypass traditional email security controls. The rise of mobile device attacks, supply chain threats via malicious apps, and the use of AI prompt injection in CI/CD pipelines further expand the attack surface. Experts recommend organizations strengthen mobile security, enrich detection with threat intelligence, and ensure skilled analysts remain involved in incident response to keep pace with the evolving threat landscape.
Mar 21, 2026