Phishing has long been a staple of cybercrime, historically betrayed by clumsy spelling, suspicious URLs and poor formatting. Today, however, the rules have changed. What once required technical knowledge, time, and effort can now be executed with frightening ease by virtually anyone.
Thanks to generative AI, automation, and easy access to malicious toolkits, the barrier to entry for cybercrime is fast collapsing. Phishing emails are now convincingly written, well branded, and often hyperpersonalized. Deepfake audio and video tools make it possible to impersonate trusted individuals in real time.
Even entry level attackers can now deploy high quality campaigns that look and sound legitimate. Ironically, a spelling error might be the only clue that a message was created by a real human, rather than an AI.
You may like
Meanwhile, across the business world the stakes for defenders are rising fast. As multichannel attacks grow in scale and sophistication, even experienced employees are falling victim. In this new landscape, the cost of inaction isn’t just a data breach- it’s operational disruption, financial loss, and lasting reputational damage. Let’s unpack how advancements in technologies such as AI expands the talent pool for threat actors.
Matt Aldridge
Social Links Navigation
Senior Principal Solutions Consultant at OpenText Cybersecurity.
Social engineering made scalable
Phishing may be evolving but it still hinges on the same psychological tricks: urgency, trust, and fear. But where scams were once generic and mass distributed, AI now allows attackers to tailor them at scale. The result? A surge in spearphishing – targeted messages crafted with context to deceive specific individuals.
According to the OpenText 2025 Cybersecurity Threat Report, November 2024 saw the highest rate of spearphishing to date, making up 56.56% of all phishing activity. Attackers no longer have to choose between volume and precision- they can get the best of both worlds. And with users increasingly conditioned to trust branded platforms, phishing emails delivered via Google Docs or Amazon AWS (“living off the land” techniques) are slipping past defenses unchecked.
This democratization of tools means that cybercrime no longer requires deep expertise- just access to the right AI tools and a few stolen credentials. That’s a worrying trend for businesses who rely on traditional training to build user awareness. Keeping pace means continuously updating training to reflect emerging tactics, particularly those that blend email, SMS, voice and video across channels.
AI and automation, cybercrime’s force multiplier
The rise of generative AI has redefined the phishing threat. Not only are messages more convincing, but campaigns are faster to build, harder to detect, and significantly more dangerous. Deepfakes, once the domain of state actors, are now available to anyone with an internet connection.
This sharp rise in attack sophistication is mirrored in infection trends. In 2024, malware infections on business PCs jumped yet again from 1.86% to 2.39%- the steepest increase since 2020. And it’s not just the first hit that hurts: 43% of affected business endpoints were reinfected within the year. For consumers, the number is even higher, at 56%.
Attackers are increasingly using .zip files as a delivery mechanism, now the most popular format for malware laden attachments, making up 53% of the total. Their perceived legitimacy, combined with password protection (often provided in the email), creates a perfect storm of trust and risk.
AI isn’t just raising the quality of phishing, it’s removing the learning curve. That’s what makes today’s threat environment fundamentally different from even two years ago.
To counter this, organizations must fight fire with fire: deploy AI-enabled security tools that learn and adapt as quickly as attackers’ methods evolve.
From inbox to checkout
Phishing is no longer confined to email inboxes. Attackers have expanded into ecommerce, financial platforms, and cryptocurrency ecosystems – anywhere users engage digitally and make decisions quickly.
During busy shopping periods, scammers launch fake order confirmations and spoofed storefronts to steal payment details. Fraudulent investment schemes targeting decentralized finance and crypto wallets are also on the rise, often engineered with the same social engineering techniques seen in traditional phishing.
The OpenText report notes that phishing attacks are becoming more opportunistic, with over 235 million malware emails quarantined in 2024. Zip attachments dominate due to their effectiveness in bypassing user skepticism, and their ability to mask malicious content under the guise of security. This shift underscores a critical point: phishing is no longer just about access – it’s about fraud, financial theft, and long-term compromise. The digital trust model that underpins modern commerce is being weaponized.
Cybersecurity strategies must now span customer journeys, supply chains, and transaction flows, not just internal email systems.
Going forward
Phishing has evolved into a democratized, AI powered weapon, used by threat actors of all skill levels to exploit human trust and unlock IT infrastructure. The tools are widely available, the learning curve is shrinking, and the consequences of even one successful attack are growing.
This new era demands a new mindset. Defensive efforts must shift from reactive to proactive, combining real time threat detection with intelligent automation and continuous user education. Our data shows that companies using layered defenses, such as endpoint and DNS protection, experience 19.4% fewer infections than those relying on endpoint security alone.
In short, cyber resilience is no longer a mere competitive advantage – it’s imperative for survival.
Business leaders must act now. Audit your digital defenses, modernize your detection tools, and raise cyber awareness and response readiness at every level. Because when attackers can operate with minimal effort, organizations must respond with maximum intent.
We list the best online cybersecurity course.
This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
