Research from SlashNext reveals that phishing emails generated by large language models now bypass 94% of traditional email security gateways, a stark increase from 68% just one year ago. The AI-crafted messages are virtually indistinguishable from legitimate business communications, using contextually appropriate language, proper formatting, and personalized details scraped from social media.
The study tested over 10,000 AI-generated phishing samples against leading email security products from Proofpoint, Mimecast, and Microsoft. Only solutions employing their own AI-based detection models achieved meaningful interception rates above 60%.
Security teams are advised to implement behavioral analysis tools that examine email metadata, sender patterns, and link destinations rather than relying solely on content-based filtering.
