Artificial intelligence (AI) is transforming industries but is also being used by cybercriminals to enhance phishing scams. 

Cybersecurity firm Kaspersky warns that AI is enabling highly personalized and convincing attacks that even experienced professionals find difficult to detect.  

A Kaspersky study released to the press on Friday revealed that nearly half or 49 of surveyed organizations reported an increase in cyberattacks over the past year, with phishing as the most common threat. Half of respondents expect phishing attempts to rise further as AI becomes more widely used by cybercriminals.  

AI now allows attackers to create targeted phishing emails by analyzing publicly available data, such as social media profiles and company websites. The emails mimic the tone and style of legitimate communications, making them hard to distinguish from genuine messages.  

Similarly, the technology is also being used to create deep fakes — fake audio or video messages that convincingly impersonate executives. In one case, attackers used a deepfake during a video call to trick an employee into transferring $25.6 million.  

Even experienced employees are falling victim due to the realism of these scams, which often exploit urgency or authority to pressure recipients into acting quickly.  

Kaspersky urges businesses to adopt multi-layered defenses, including regular training on AI-enabled threats and advanced security tools that detect anomalies in email communications. 

A zero-trust approach, which limits access to sensitive systems, can also reduce the risk of significant breaches. 

“Regular, up-to-date AI-focused cybersecurity awareness training is critical for employees, helping them identify the subtle signs of phishing and other malicious tactics. Alongside this, businesses should implement robust security tools capable of detecting anomalies in emails, such as unusual writing patterns or suspicious metadata,” Kaspersky said.

“By restricting access to sensitive data and systems, this approach ensures that even if attackers breach one layer of security, they cannot compromise the entire network,” it added.