AI-generated phishing emails have increased 1,200% year-over-year according to Proofpoint's annual threat report, with language model-crafted messages achieving click-through rates 6 times higher than traditional phishing templates.
The Evolution of Phishing
Threat actors are using fine-tuned language models to generate highly personalized phishing emails that mimic writing styles of specific executives, reference real projects, and incorporate current company events.
- AI phishing emails contain zero grammatical errors — eliminating the traditional red flag
- Spear-phishing campaigns now target individuals using scraped LinkedIn and social media data
- Voice cloning attacks (vishing) using AI-generated audio increased 340%
- Business email compromise losses reached $4.1 billion in 2025
Defense Strategies
Security experts recommend moving beyond awareness training to implement technical controls including DMARC enforcement, AI-powered email filtering, and phishing-resistant MFA using hardware security keys rather than SMS codes.
