Cybercriminals are weaponising AI hype to enhance social engineering attacks, according to Microsoft. Modern phishing uses AI-generated deepfakes, synthetic websites, and hyper-personalised messages to exploit trust in AI brands like OpenAI or Google DeepMind. A 2026 Verizon report reveals AI-related phishing attempts have surged 300% since 2023, with 43% of victims trusting fake AI brands. Attackers capitalise on FOMO, creating urgency around “exclusive” AI tools. Microsoft notes 68% of AI-generated text is indistinguishable from human writing. Defences include AI-driven threat detection, employee training, verifying unsolicited AI communications via alternative channels, and advanced email filtering to combat domain spoofing. Organisations must adopt multi-layered strategies to counter this evolving threat.
AI Brands as Bait: How Threat Actors Are Using the AI Hype in Social Engineering
