Cybercriminals are exploiting AI hype to enhance social engineering campaigns, per Microsoft research. Attackers use AI to create hyper-personalised phishing emails, deepfake calls, and fake AI platform websites, capitalising on FOMO and urgency. Spoofed brands like OpenAI and Google DeepMind trick victims into revealing data, with 68% of AI-generated text now indistinguishable from human writing. AI-related phishing attempts rose 300% since 2023, and 43% of victims trusted fake AI brands. Defences include AI-driven threat detection, staff training, verifying unsolicited AI communications via alternative channels, and advanced email filtering to spot domain spoofing. Organisations must adopt multi-layered strategies to counter this evolving threat.
AI Brands as Bait: How Threat Actors Are Using the AI Hype in Social Engineering
