AI Phishing
AI phishing is collapsing the cost of believable deception.
Cofense reported that malicious phishing emails reached inboxes at a rate of one every 19 seconds in 2025, more than double the 2024 pace of one every 42 seconds. The same report describes AI as enabling polymorphic phishing, adaptive pages, unique URLs and thousands of campaign variants.
The old phishing model was:
Spray, hope, reuse templates.
The new phishing model is:
Generate, personalize, mutate, test, resend.
That matters because attackers no longer need perfect language skills, local cultural knowledge or manual research. AI lets them create convincing business messages at scale.
Why is it a problem?
Phishing used to have friction.
Attackers needed templates, language ability, brand impersonation assets, infrastructure, timing, targeting data and some level of operational discipline.
Generative AI removes much of that friction.
LLMs can produce polished business language, translate messages into local tone, rewrite the same lure hundreds of ways and personalize content using public data. Cofense describes AI as now being core infrastructure for phishing operations, not just an experimental attacker tool.
The result is not only more phishing.
It is phishing that looks less like phishing.
How to defend?
AI-phishing defense companies combine:
Email security
Identity protection
Browser security
Endpoint detection
User reporting
Post-delivery remediation
Behavioral analytics
Helpdesk verification
Payment-workflow controls
Security awareness training
The winning products do not only ask:
“Is this email malicious?”
They ask:
“Is this message, identity, link, device, session, vendor request and business action consistent with reality?”
That is the shift.
AI phishing is no longer only an inbox problem.
It is a business-process integrity problem.
Email Security Platforms
Proofpoint
Human-centric email security platform focused on phishing, URL defense, QR-code threats, impersonation, account takeover and security awareness. Proofpoint reported major growth in URL-based threats, including a nearly 400% increase in ClickFix malware campaigns and more than 4.2 million QR-code phishing threats in H1 2025.
Mimecast
Enterprise email and collaboration security platform positioned around threat detection, impersonation protection, resilience and awareness.
Microsoft Defender for Office 365
Native Microsoft 365 security layer for Exchange Online, Teams and M365-connected workflows. Microsoft says it screens around 5 billion emails daily for malware and phishing and processes 100 trillion security signals daily across its security ecosystem.
Cofense
Post-delivery phishing defense platform built around user reporting, phishing intelligence and response. Cofense’s 2026 report emphasizes AI-driven phishing that bypasses standard security layers and requires post-delivery visibility.
Behavioral AI / BEC Defense
Abnormal AI
Behavioral email security platform focused on business email compromise, vendor email compromise and relationship-based attacks. Abnormal AI’s 2026 Attack Landscape Report found that 61% of BEC is vendor-related, while phishing represented 58% of all attacks in its analyzed dataset.
Material Security
Email and account-protection platform focused on reducing mailbox compromise blast radius.
Sublime Security
Programmable email security platform where teams can build, tune and share detection logic against modern phishing and social-engineering attacks.
Awareness and Human-Risk Platforms
KnowBe4
Security awareness and phishing simulation platform focused on reducing employee susceptibility through recurring training and testing.
Hoxhunt
Human-risk platform combining phishing simulation, reporting and training. Hoxhunt reported a 14x surge in AI-generated phishing attacks that bypassed filters and reached inboxes during the 2025 holiday period, with the trend continuing into 2026.
Cofense PhishMe
Simulation and reporting layer connected to Cofense’s broader phishing-defense ecosystem.
Identity and Session Defense
Microsoft Entra ID Protection
Identity-risk detection, Conditional Access and session-control layer for Microsoft environments.
Okta
Identity platform relevant to phishing-resistant authentication, session policies and SaaS access governance.
CrowdStrike / Zscaler / Netskope / Cloudflare
Security platforms increasingly positioned around post-click protection, browser security, identity signals, endpoint telemetry and cloud access controls.
Deepfake and Voice Phishing Defense
Pindrop / Reality Defender / Synthetic Media Detection Vendors
Focused on detecting voice, video and synthetic identity manipulation as phishing moves into calls, video meetings and helpdesk workflows.
Deepfake-enabled fraud and voice phishing are growing because attackers can impersonate executives, vendors, job applicants and internal staff in real time. Keepnet’s 2026 deepfake analysis highlights rapid growth in deepfake incidents, synthetic voice fraud and deepfake-enabled phishing/fraud attempts.
What does the future look like?
1. AI phishing becomes the default phishing mode.
Most phishing will become AI-assisted, AI-varied or AI-personalized.
The market will stop asking whether a phishing email was AI-generated and start assuming that it was.
2. MFA bypass becomes the board-level phishing story.
MFA still matters.
But attackers increasingly target session tokens, OAuth consent, device-code flows and adversary-in-the-middle paths.
Microsoft’s 2025 security reporting emphasizes identity and cloud resilience because attackers increasingly abuse legitimate access paths rather than only breaking in through malware.
3. Email security merges with identity security.
The inbox is only the first touchpoint.
The real damage happens after the click:
Token theft
Mailbox rule creation
OAuth consent
Invoice fraud
Lateral movement
Vendor payment redirection
Helpdesk manipulation
Vendors that connect email signals to identity, endpoint, browser and payment workflows will beat vendors that only quarantine messages.
4. QR phishing and mobile phishing keep growing.
QR codes move the user from managed corporate email to a personal or less-protected mobile device.
Proofpoint reported more than 4.2 million QR-code phishing threats in H1 2025, while URL-based attacks became a preferred delivery mechanism.
5. Vendor impersonation beats CEO impersonation.
Classic BEC was:
“The CEO needs a wire transfer.”
Modern BEC is:
“Your real vendor changed banking details.”
That is harder to detect because the supplier relationship is real, the payment process is normal and the requested action fits an existing workflow.
Abnormal AI found that vendor-related attacks now account for the majority of BEC, at 61%.
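The control behind "Your real vendor changed banking details", as an added example (not code from this post or from any vendor named in it): a bank-detail change is released only after a callback to the number already on file and sign-off by a second person. The vendor record, field names and sample requests are constructed.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import Optional

# Constructed vendor master record, captured at onboarding (not a real system).
VENDOR_MASTER = {
    "V-1001": {"domain": "acme-supplies.example", "phone": "+1-555-0100"},
}

@dataclass
class ChangeRequest:
    vendor_id: str
    sender: str                       # address the request arrived from
    received: datetime
    requester: str                    # employee who keyed in the change
    approver: str = ""                # second employee who signed off
    callback_phone: str = ""          # number finance actually dialed
    callback_at: Optional[datetime] = None

def review(req: ChangeRequest) -> list:
    """Return blocking findings; an empty list means the change may proceed."""
    master = VENDOR_MASTER[req.vendor_id]
    findings = []
    if req.sender.rsplit("@", 1)[-1].lower() != master["domain"]:
        findings.append("sender domain not in vendor master")
    # A real (compromised) vendor mailbox passes the domain check, so the
    # callback to the number on file is the control that carries the weight.
    if req.callback_phone != master["phone"]:
        findings.append("no callback to number on file")
    elif req.callback_at is None or req.callback_at < req.received:
        findings.append("callback not made after request")
    if not req.approver or req.approver == req.requester:
        findings.append("no independent approver")
    return findings

T0 = datetime(2026, 1, 12, 9, 0)      # constructed timestamps
LOOKALIKE = ChangeRequest("V-1001", "ar@acme-supplles.example", T0, "dana",
                          approver="dana", callback_phone="+1-555-0199",
                          callback_at=datetime(2026, 1, 12, 9, 30))
REAL_MAILBOX = ChangeRequest("V-1001", "ar@acme-supplies.example", T0, "dana",
                             approver="lee")
VERIFIED = ChangeRequest("V-1001", "ar@acme-supplies.example", T0, "dana",
                         approver="lee", callback_phone="+1-555-0100",
                         callback_at=datetime(2026, 1, 12, 10, 15))

if __name__ == "__main__":
    for name, req in [("lookalike", LOOKALIKE), ("real mailbox", REAL_MAILBOX),
                      ("verified", VERIFIED)]:
        print(name, "->", review(req) or "approve")
```

The second sample is the case the text calls hard: the request comes from the vendor's genuine domain, and only the missing callback blocks it.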
How do you prepare?
AI-phishing readiness assessments
Offer a fixed-scope assessment for companies that want to know:
Can users identify AI-generated phishing?
Can helpdesk agents resist deepfake pressure?
Can finance validate vendor bank-detail changes?
Can the Microsoft 365 tenant detect token or session compromise?
Can management prove readiness to auditors or insurers?
BEC workflow hardening
Do not sell only awareness training.
Sell control over the workflows attackers monetize:
Vendor bank-account changes
Payroll updates
Privileged access requests
Password resets
MFA resets
Shared mailbox access
Finance approvals
Executive assistant workflows
Microsoft 365 phishing-resilience package
For Microsoft-heavy enterprises, package the work into a repeatable offer:
Defender for Office 365 policy review
Safe Links / Safe Attachments validation
Anti-phishing policy tuning
External sender labeling
DMARC / DKIM / SPF validation
Entra Conditional Access review
MFA method hardening
OAuth app consent review
Mailbox forwarding audit
Inbox rule monitoring
User-reported message workflow
Incident response playbook
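One way to run the mailbox forwarding audit and inbox rule monitoring items from the list above, as an added example rather than Microsoft's or the author's tooling. The rule export format, field names, domains, folder list and keyword list are assumptions to be mapped onto whatever your tenant's rule export provides.

```python
# Assumptions for this sketch: the tenant's accepted domains, the folders
# treated as "rarely opened", and the keyword list are illustrative choices.
INTERNAL_DOMAINS = {"corp.example"}
HIDE_FOLDERS = {"rss feeds", "conversation history", "junk email"}
MONEY_WORDS = {"invoice", "payment", "wire", "bank", "remittance"}

def is_external(address: str) -> bool:
    return address.rsplit("@", 1)[-1].lower() not in INTERNAL_DOMAINS

def audit_rule(rule: dict) -> list:
    """Return the reasons a rule deserves analyst review (empty list = benign)."""
    reasons = []
    external = [a for a in rule.get("forward_to", []) if is_external(a)]
    if external:
        reasons.append("forwards outside tenant: " + ", ".join(external))
    hides = rule.get("delete", False) or rule.get("move_to", "").lower() in HIDE_FOLDERS
    words = {w.lower() for w in rule.get("subject_contains", [])}
    # Hiding everything, or hiding finance mail specifically, keeps the mailbox
    # owner from seeing replies to a fraudulent thread.
    if hides and (not words or words & MONEY_WORDS):
        reasons.append("hides mail matching: "
                       + (", ".join(sorted(words)) or "all messages"))
    return reasons

def audit(rules: list) -> dict:
    """Map 'mailbox/rule name' to its findings, skipping clean rules."""
    report = {}
    for rule in rules:
        reasons = audit_rule(rule)
        if reasons:
            report[f"{rule['mailbox']}/{rule['name']}"] = reasons
    return report

# Constructed rule export; field names are hypothetical, not a real API schema.
SAMPLE_RULES = [
    {"mailbox": "ap@corp.example", "name": "..",
     "subject_contains": ["Invoice", "payment"], "move_to": "RSS Feeds"},
    {"mailbox": "cfo@corp.example", "name": "sync",
     "forward_to": ["archive@mail-backup.example"]},
    {"mailbox": "eng@corp.example", "name": "newsletters",
     "subject_contains": ["digest"], "move_to": "Newsletters"},
    {"mailbox": "hr@corp.example", "name": "team copy",
     "forward_to": ["hr-team@corp.example"]},
]

if __name__ == "__main__":
    for key, reasons in audit(SAMPLE_RULES).items():
        print(key, "->", "; ".join(reasons))
```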
What risks are left?
Detection Arms Race
AI makes phishing polymorphic. Static signatures, known URLs and attachment hashes lose value when each message, URL and file variant is unique. Cofense reported that AI phishing increasingly uses unique URLs, unique file hashes and adaptive delivery patterns.
False Confidence in MFA
MFA reduces risk but does not eliminate phishing risk. Session theft, AiTM flows and OAuth consent abuse can still turn a click into access.
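An added example (not from the original post) of why a satisfied MFA prompt does not close the case: it correlates a URL click with the identity events that follow it for the same user. The log format, event names, app names and the 30-minute window are constructed assumptions.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=30)   # assumption: how long after a click to keep watching
FOLLOW_ON = {"signin_new_device", "oauth_consent", "inbox_rule_created"}

# Constructed log lines in the form: ISO-timestamp user event detail
SAMPLE_LOG = [
    "2026-02-03T09:01:10 maria url_click subject='Updated remittance advice'",
    "2026-02-03T09:02:41 maria signin_new_device mfa=satisfied",
    "2026-02-03T09:06:05 maria oauth_consent app='Mail Sync Helper' scopes=Mail.Read",
    "2026-02-03T09:09:30 maria inbox_rule_created action=move folder='RSS Feeds'",
    "2026-02-03T10:15:00 tomas signin_new_device mfa=satisfied",
    "2026-02-03T11:00:00 chen url_click subject='Team lunch poll'",
    "2026-02-03T13:40:00 chen oauth_consent app='Calendar Add-in' scopes=Calendars.Read",
]

def parse(line: str) -> dict:
    """Split one constructed log line into its four fields."""
    ts, user, event, detail = line.split(" ", 3)
    return {"ts": datetime.fromisoformat(ts), "user": user,
            "event": event, "detail": detail}

def correlate(lines: list) -> dict:
    """Return {user: [follow-on events]} seen within WINDOW after a URL click."""
    events = sorted((parse(l) for l in lines), key=lambda e: e["ts"])
    last_click, chains = {}, {}
    for e in events:
        if e["event"] == "url_click":
            last_click[e["user"]] = e["ts"]
        elif e["event"] in FOLLOW_ON:
            clicked = last_click.get(e["user"])
            # Identity events only count when they closely follow a click.
            if clicked is not None and e["ts"] - clicked <= WINDOW:
                chains.setdefault(e["user"], []).append(e["event"])
    return chains

def triage(lines: list) -> list:
    """Users with two or more distinct follow-on event types after a click."""
    return sorted(u for u, evs in correlate(lines).items() if len(set(evs)) >= 2)

if __name__ == "__main__":
    print(correlate(SAMPLE_LOG))
    print("escalate:", triage(SAMPLE_LOG))
```

In the sample, the new-device sign-in that starts the chain shows `mfa=satisfied`, so an MFA-only view would treat it as clean.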
Deepfake Escalation
Voice and video phishing will hit finance, HR, executives and helpdesks before many companies have written verification procedures.
Tool Sprawl
Email security, identity security, EDR, browser security and awareness platforms all claim part of the phishing problem. Buyers may overpay for overlapping controls without knowing which layer actually reduces loss.
Key Lessons
AI phishing is not simply a better phishing email.
It is a better attack against business workflows.
The target is not only the inbox.
The target is the process behind the inbox.
The strongest defense is layered control:
Authentication hardening
Session protection
Email detection
Browser protection
User reporting
Vendor verification
Payment validation
Helpdesk identity proofing
Post-delivery remediation
Audit-ready evidence
Hot Takes
Grammar mistakes are dead as a phishing signal.
The new signal is context:
Is this vendor request normal?
Is this device expected?
Is this OAuth consent unusual?
Is this QR flow moving the user out of managed controls?
Is this bank-detail change independently verified?
Is this helpdesk request coming through an approved channel?
The best phishing-defense vendors will look less like email filters and more like business-process firewalls.
False beliefs
“AI phishing is overhyped. Phishing has existed forever.”
Correct. Phishing is old.
But AI changes the economics.
Cofense’s 2026 report says the pace of malicious phishing emails more than doubled from 2024 to 2025, reaching one every 19 seconds.
“Our MFA protects us.”
MFA is essential.
But modern phishing increasingly targets sessions, tokens, OAuth consent and device-code paths. Microsoft’s reporting emphasizes identity and cloud resilience because attackers increasingly log in through valid access paths.
“Security awareness solves this.”
Training helps.
But AI phishing adapts faster than quarterly training cycles.
Awareness must be paired with identity protection, user reporting, post-delivery remediation and workflow verification.
“Our secure email gateway blocks phishing.”
Some attacks still land.
Cofense explicitly positions its report around threats missed by standard security measures and highlights the need for post-delivery visibility.
Links
Cofense Annual State of Email Security Report
AI-powered phishing reached one malicious email every 19 seconds in 2025. [cofense.com]
Abnormal AI 2026 Attack Landscape Report
Vendor-related BEC accounts for 61% of BEC, and phishing remains the most prevalent attack type in its dataset. [abnormal.ai]
Hoxhunt 2026 Phishing Trends Report
AI-generated phishing surged 14x during the 2025 holiday period and continued into 2026. [hoxhunt.com]
Microsoft Digital Defense Report 2025
Microsoft reports 100 trillion security signals processed daily and around 5 billion emails screened daily. [microsoft.com]
Proofpoint Human Factor / URL Threat Reporting
Proofpoint reported major growth in URL-based threats, ClickFix campaigns and QR-code phishing. [menafn.com], [securityre...iewmag.com]
- Alex

