Kip Meintzer, an executive at security company Check Point Software Technologies, told a recent investor conference that AI had given hackers “the ability to write a perfect phishing email.”
More than 90 percent of successful cyber attacks begin with a phishing email, according to the US Cybersecurity and Infrastructure Security Agency. As these attacks become more sophisticated, their consequences have become increasingly expensive, with the global average cost of a data breach rising nearly 10 percent to $4.9 million in 2024, according to IBM.
Researchers have warned that AI is particularly effective for crafting business email compromise scams—a specific type of malware-free phishing where fraudsters trick recipients into transferring funds or divulging confidential company information. This kind of scam has cost victims worldwide more than $50 billion since 2013, according to the FBI.
AI is “being used to scan everything to see where there’s a vulnerability, whether that’s in code or in the human chain,” said Sean Joyce, global cyber security lead at PwC.
Phishing scams generated using AI may also be more likely to bypass companies’ email filters and cyber security training.
Basic filters, which generally block repeated bulk phishing campaigns, may struggle to track these scams if AI is used to rapidly generate thousands of reworded messages, said eBay’s Demidova.
© 2025 The Financial Times Ltd. All rights reserved. Not to be redistributed, copied, or modified in any way.
+ There are no comments
Add yours