Portuguese 
English 
Spanish 
3 min of reading 
0 comments 
With the Advancement of Artificial Intelligence, Cybercriminals Can Quickly Analyze Online Data, Creating Sophisticated Phishing Strategies That Fool Even the Most Advanced Security Systems
We celebrate the fact that artificial intelligence is transforming various industries, but not all affected industries are legitimate to the same extent: it has also served to arm cybercriminals with more sophisticated tools to execute phishing scams.
According to cybersecurity experts and recent reports from companies like the e-commerce giant eBay or the multinational insurance company Beazley, ultra-sophisticated and personalized phishing scams based on AI have started to proliferate, which presents a major challenge, as users continue to fall for much less elaborate phishing campaigns.
The Impact of Artificial Intelligence on Phishing
AI allows hackers, through the rapid analysis of large amounts of data about an individual or a company, to replicate their style and tone to craft convincing emails that are difficult to detect as fraudulent. According to Kirsty Kelly, information security director at Beazley:
“It is getting worse and becoming more personalized. That’s why we suspect that AI is largely behind this”.
-
The solid-state battery, promised for years as the future of electric cars, is finally starting to move from the laboratory to mass production.
-
Three teenagers surprise the world by creating a powder with tamarind seeds that removes microplastics from water, requires no electricity, and wins an international prize of $12,500 at The Earth Prize 2026.
-
China prepares a “panoramic Hubble” with 2.5 billion pixels and a field of view 300 times larger: Xuntian will have a 2-meter mirror, resolution close to that of the American telescope, can dock at the Tiangong space station for maintenance, and promises to map 40% of the sky in a decade.
-
The deepest underground copper mine in Chile is digging deeper and deeper in search of the metal the world needs to electrify.
This extreme personalization is achieved by analyzing online profiles and activities on social networks, which also enables attackers to identify which topics may attract or convince victims. For example, an executive might receive an apparently legitimate email related to a recent project mentioned on LinkedIn.
Kip Meintzer from cybersecurity firm Check Point Software Tech stated during a recent investors’ conference that AI has given hackers “the ability to write the perfect phishing email”.
These hyper-personalized tactics significantly increase the likelihood of success of attacks.
Advantages of Artificial Intelligence for Cybercriminals
Nadezda Demidova, a cybersecurity researcher at eBay, explained that the availability of generative AI tools has significantly lowered the barriers to entry for cybercrime (i.e., it is no longer necessary to be a tech expert to launch virtual scam campaigns).
These tools not only allow for the creation of convincing emails but also enable quick adaptations to bypass corporate security filters.
Moreover, AI can scan codes and analyze human processes to identify vulnerabilities, according to Sean Joyce, global cybersecurity leader at PwC. This means that even companies with sophisticated defense systems are vulnerable to targeted attacks.
The Reach of Scams and Their Financial Impact
More than 90% of successful cyberattacks begin with a phishing email attack, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). This method of attack is not only effective but also quite costly for victims, especially when it comes to businesses.
A specific type of attack that has gained prominence is known as ‘BEC’, in which scammers deceive recipients (posing as an executive or supplier) into transferring funds or sharing sensitive information without using malware.
According to the FBI, this type of fraud has resulted in losses exceeding $50 billion worldwide since 2013.
What Can Companies and Users Do?
In light of this scenario, both companies and individuals must adopt more proactive strategies to mitigate the risk of AI-driven phishing attacks:
Continuous Education: Cybersecurity training must evolve to include examples of hyper-personalized emails and other emerging strategies driven by artificial intelligence.
Investments in Technology: Organizations need to implement AI-based detection systems that can identify anomalous patterns in emails, even when they appear highly personalized.
Constant Monitoring of Online Profiles: Reducing the amount of publicly available personal information can make it more difficult for attackers to collect relevant data for their scams.
Be the first to react!