The Data Behind the Surge
Cofense captured more than 750 million suspect messages in 2024. While volume alone was striking, two deeper insights matter even more for 2025 cyber-risk planning. First, 41 percent of the malware samples delivered via email were brand-new to antivirus engines, proof that attackers are automating code variation alongside text variation. Second, response times inside victim organisations are slowing; the average dwell time for a malicious email before it is reported or quarantined now sits at 57 minutes, up from 43 minutes the year prior.
KnowBe4’s Phishing Threat Trends Report corroborates the shift in technique. The firm found that 76.4 percent of phishing campaigns in late 2024 incorporated at least one polymorphic feature, typically an automatic change to subject lines, URLs, or attachment hashes for every single send.
Taken together, the telemetry shows that volume, novelty and speed are converging. The result is a threat from AI phishing that feels less like a wave and more like a continuous tide.

How Generative AI Supercharges Phishing
Ten years ago the easiest way to spot a phish was a spelling error. Large language models have erased that signal. Attackers feed scraped LinkedIn resumes, stolen mailbox archives and public news releases into AI phishing prompts, asking the model to “reply exactly as our CFO would.” The output carries the right tone, the correct signature block and even internal project references.
Real-Time Polymorphism
Polymorphism once required manual effort for every variant. In AI phishing campaigns a short script now automates the process, regenerating the lure for each send.
Each recipient sees a distinct lure. Signature-based filters, which rely on identical matches, are forced onto the back foot. KnowBe4 observed a 47 percent rise in phishing emails that bypassed Microsoft’s native security filters through this approach.
Once adversaries compromise an account, generative AI enables contextual replies. The attacker pastes the running email thread into the prompt and asks the model to continue the conversation. When the bogus reply lands, it contains genuine history below the fold, suppressing suspicion. Security researchers have documented surges in these hijacks within Microsoft 365 organisations since early 2025.
Business Impact: Beyond Simple Credential Theft
Accelerated Business Email Compromise
Thread hijacks have turbo-charged Business Email Compromise (BEC) as part of AI phishing campaigns. Finance staff trust that an email inside an existing chain is authentic, particularly when it appears to come from the executive suite.
In early 2024 the British engineering and design firm Arup lost about US $25 million (HK $200 million) after a finance employee in its Hong Kong office was lured into a video call that seemed to include the group’s chief financial officer and several senior colleagues. In reality every other attendee on the screen was an AI-generated deepfake. During the call the fake CFO instructed the employee to execute fifteen urgent transfers to newly provided accounts. Trusting the familiar faces and voices, the employee complied, and the funds were dispersed across multiple banks within minutes. Arup later confirmed the theft and launched a review of its payment-authorisation controls.
Supply-Chain Exploitation
Vendor portals, quoting platforms and document-sharing services are now favoured entry points. Attackers spoof DocuSign or Microsoft SharePoint invitations that redirect victims to a look-alike site. The KnowBe4 report highlights DocuSign, PayPal and Google Drive as the three most impersonated brands at present.
Legal and Regulatory Fallout
Under Australia’s Privacy Act and the incoming mandatory cyber-incident reporting scheme, organisations face fines and public scrutiny when email attacks expose personal data. A successful phish can therefore trigger costs far beyond the immediate fraud, including class-action risk, notification campaigns and insurance premium hikes.
Anatomy of an AI Phish: A Walk-Through
- Reconnaissance – The operator harvests staff details, signature blocks and calendar references from publicly available sources and past leaks.
- Prompt Engineering – These artefacts feed a script that instructs the language model to create a reply in the CFO’s voice asking for an urgent wire transfer.
- Polymorphic Encoding – The same script mutates link parameters and macro hashes for each recipient.
- Delivery and Hijack – The AI phishing message is injected into an existing email thread stolen from a previously compromised mailbox, preserving the In-Reply-To header to bypass certain filters.
- Execution – The attachment runs a trojan that steals browser-stored cookies, allowing access to banking portals without multi-factor tokens.
- Monetisation – Funds are laundered through cryptocurrency tumblers or ride-sharing top-ups to obfuscate the trail.
At no point does spelling, grammar or format raise alarms, illustrating why user judgement alone is no longer adequate.

Building a Modern Defence
1. Behaviour-Centric Email Inspection
Invest in tools that detonate attachments and analyse sender behaviour post-delivery. Look for platforms that score anomalies such as impossible reply timing, unusual IP geolocation or header manipulation. These signals are harder for AI to spoof consistently.
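To make the header-manipulation and reply-timing signals concrete, here is an added scoring routine (example code, not NoxNoir's or any vendor's product) that applies the thread-hijack indicators from the walk-through above to raw messages. It assumes a lookup of the mailbox's own Message-IDs (KNOWN_MESSAGES), an executive roster (EXECUTIVES) and a two-minute floor on human reply time, all constructed here for illustration:

```python
from datetime import timedelta
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime

# Constructed: Message-IDs this mailbox really sent or received, with the
# time each was sent. A real deployment would query the mail store instead.
KNOWN_MESSAGES = {
    "<q1-budget-001@example.com>": "Mon, 03 Mar 2025 09:00:00 +0000",
}
# Constructed: executives whose display name gets borrowed, and their real domain.
EXECUTIVES = {"Jane Doe": "example.com"}
MIN_HUMAN_REPLY = timedelta(minutes=2)  # faster than this, nobody read and answered by hand

def score_reply(raw):
    """Return (score, reasons) for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    reasons = []
    in_reply_to = (msg.get("In-Reply-To") or "").strip()
    if in_reply_to and in_reply_to not in KNOWN_MESSAGES:
        reasons.append("In-Reply-To points at a Message-ID this mailbox never saw")
    elif in_reply_to:
        sent = parsedate_to_datetime(KNOWN_MESSAGES[in_reply_to])
        received = parsedate_to_datetime(msg["Date"])
        if received - sent < MIN_HUMAN_REPLY:
            reasons.append("reply arrived faster than a human could read and answer")
    name, addr = parseaddr(msg.get("From") or "")
    domain = addr.rpartition("@")[2].lower()
    if name in EXECUTIVES and domain != EXECUTIVES[name]:
        reasons.append("executive display name on a non-corporate domain")
    return len(reasons), reasons

# Constructed sample: a hijacked thread (real In-Reply-To, look-alike domain,
# 40-second turnaround) beside a genuine reply from the CFO.
HIJACKED = """\
From: Jane Doe <jane.doe@example-co.com>
Date: Mon, 03 Mar 2025 09:00:40 +0000
Subject: Re: Q1 budget
In-Reply-To: <q1-budget-001@example.com>

Please push the wire through today, same thread as before.
"""
GENUINE = """\
From: Jane Doe <jane.doe@example.com>
Date: Mon, 03 Mar 2025 09:25:00 +0000
Subject: Re: Q1 budget
In-Reply-To: <q1-budget-001@example.com>

Approved, figures attached.
"""
```

A preserved In-Reply-To alone passes the first check, which is exactly why the timing and sender-domain signals have to be scored alongside it.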
2. Hardware-Backed Identity
Move executives and finance approvers to FIDO2 security keys with user-presence checks. Even if an attacker steals a session cookie, they cannot escalate without the physical device. The key serves as a final gate beyond passwords and SMS codes.
3. Out-of-Band Confirmation Culture
Formalise a “voice verify” rule for any fund transfer, password reset or document-signing request. Use encrypted chat or a direct phone call, never the same email chain. Culture change beats filter tuning when polymorphism is involved.
4. Simulated AI Threat Drills
Traditional phishing simulations still matter, but they must evolve. Include thread-injection scenarios, QR-code lures and Google Drive share prompts. Measure not only click rates but time to report, then feed that metric into performance discussions.
5. Continuous Threat Intelligence
Subscribe to feeds that cover fresh AI phishing tactics, not just domain registries. Machine-readable observables, such as polymorphic template fingerprints, help SOC analysts cut through noise.
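As an added illustration of a polymorphic template fingerprint (example code, not from the KnowBe4 or Cofense reports), the routine below collapses the per-send mutations described earlier (subject numbers, URL parameters, attachment hashes) into placeholders and hashes what remains, so every variant of one campaign yields a single observable. The normalisation rules and sample lures are assumptions constructed for this example:

```python
import hashlib
import re

def _host_only(match):
    """Keep only the URL's host: paths and query strings rotate per recipient."""
    host = re.sub(r"^https?://", "", match.group(0))
    return "<URL:" + re.split(r"[/?#]", host)[0].lower() + ">"

# Order matters: URLs first, so their embedded tokens are not split by later rules.
RULES = [
    (re.compile(r"https?://\S+"), _host_only),
    (re.compile(r"\b[0-9a-fA-F]{32,64}\b"), "<HASH>"),                        # md5/sha1/sha256
    (re.compile(r"\b(?=\w*\d)(?=\w*[A-Za-z])[A-Za-z0-9]{6,}\b"), "<TOKEN>"),  # mixed alnum ids
    (re.compile(r"\d+"), "<NUM>"),                                            # invoice/ticket numbers
]

def skeleton(subject, body):
    """Normalised template text with every per-send mutation replaced."""
    text = subject + "\n" + body
    for pattern, repl in RULES:
        text = pattern.sub(repl, text)
    return re.sub(r"\s+", " ", text).strip().lower()

def fingerprint(subject, body):
    """16-hex-char campaign fingerprint suitable for a SOC watchlist."""
    return hashlib.sha256(skeleton(subject, body).encode()).hexdigest()[:16]

# Constructed sample lures: two sends of one campaign, plus an unrelated message.
VARIANT_A = ("Action required: document 48213 awaiting signature",
             "Review https://share.example-docs.net/view/7GX2K9Q4 before 5pm. "
             "Attachment sha256 " + "a" * 64)
VARIANT_B = ("Action required: document 90127 awaiting signature",
             "Review https://share.example-docs.net/view/Q0P3M8ZZ before 5pm. "
             "Attachment sha256 " + "b" * 64)
OTHER = ("Payroll update", "Your pay slip is ready at https://pay.example.org/slip")
```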
Long-Term Resilience: From Point Solutions to Strategy
Phishing is no longer a compliance check-box; it is a board-level operational risk. Executives should treat generative-AI phishing the way they treat macro-economic volatility: by investing in layered safeguards, clear playbooks and rapid-response muscle memory.
People – Replace annual awareness videos with quarterly live workshops. Focus on decision priming: teaching staff to pause, verify and route suspicious requests without fear of blame.
Process – Map the entire payment workflow and insert verification gates that cannot be bypassed via email alone. Consider segregated payment authorisation networks.
Technology – Integrate email telemetry with identity-and-access-management logs and endpoint detection. Automated containment, such as an account lock or inbox purge, should trigger when risk scores cross a threshold, without waiting for human triage.
NoxNoir weaves these layers into its Cyber Security Awareness Training and Executive Cyber Protection services, combining threat intelligence, behavioural analytics and crisis playbooks. The goal is simple: keep leadership teams focused on growth, not inbox ambushes.
Conclusion
The headline number of one malicious email every 42 seconds captures attention, but the deeper lesson is about adaptation. Attackers have adopted AI phishing at speed, industrialising social engineering in a way that scales infinitely and learns continuously. Defenders must respond with equal agility, trading static controls for behavioural analysis, hardware-rooted identity and a culture of verification.
2025 will not be the year phishing disappears. It will be the year organisations either retool their defences for an AI-accelerated threat landscape or accept that every email interaction carries material risk. The choice is clear, and the clock is already ticking.