m@ksim.pro
Security, 3 min read

AI shifts the phishing baseline: what companies need to rethink

Generative models have reduced the cost of producing convincing phishing emails to zero. I break down how this changes the threat model and what needs to change in defence.

Good phishing used to require effort. You had to research the target, craft a convincing message, understand the organisation's context. That limited the scale: mass attacks were poorly written and easy to spot, while targeted ones took time.

Generative language models have changed this equation. Producing a convincing, grammatically correct, contextually precise email in any language now takes seconds and costs almost nothing. It scales without limit.

This is not a future scenario. It is already happening.

What specifically has changed

Training employees to spot phishing used to focus on visible signals: spelling errors, awkward phrasing, sender addresses that do not match the topic. Those markers worked because attackers faced language barriers or resource constraints.

Now an email can be written in flawless English or any other language, tailored to your industry, referencing real events and names. Such an email would pass most phishing awareness training courses, because it does not have the markers that training taught people to look for.

The second change is personalisation. Data about employees, their roles, projects, and connections is available from open sources. AI can build a profile and write a relevant message for a specific person at industrial scale.

What this means for defence

User training still has value - but it needs to be updated. The focus shifts from "spot the spelling mistake" to "did you expect this email?", "verify the request through a different channel", "question the urgency".

Technical controls become more important. If we can no longer reliably distinguish good writing from bad writing visually, we need to rely on:

  • sender verification: DKIM, DMARC and SPF are not optional; they are the baseline;
  • behavioural analysis, not just email content;
  • multi-factor authentication wherever a phishing scenario could end with a password being entered;
  • privilege minimisation: even if an account is compromised, the blast radius should be limited.

A changed threat model

For managers the key insight is: the change is not that attacks have become dramatically more sophisticated technically. The change is that quality attacks no longer require significant resources. This means that mid-sized businesses, which were previously unattractive targets because of the cost-to-benefit ratio, are now squarely in scope.

A practical review

A few questions to check your current readiness:

  1. When was the employee security training last updated, and does it account for AI-assisted phishing?
  2. Are DMARC policies configured to reject spoofed emails from your domain?
  3. Is multi-factor authentication enabled for all externally accessible systems?
  4. If an employee clicks a link, what happens - are there additional layers of protection?
  5. Is there a simple way to report a suspicious email, and are people actually using it?
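Question 2 above (and the "sender verification is the baseline" point earlier) can be checked mechanically. The following Python script is an added example, not code from the original post: it parses a DMARC TXT record and lists the gaps that still let spoofed mail through (a `p=` below reject, a weaker `sp=` for subdomains, `pct=` below 100, no `rua=` reporting address). The records are constructed inline, so it runs offline; fetching the real `_dmarc.<domain>` TXT record over DNS is assumed to be done separately.

```python
# Assess a DMARC TXT record for the "reject spoofed mail" posture (added example,
# not code from the original post). Records are constructed; no DNS lookup is made.
from typing import Dict, List, Tuple

def parse_dmarc(record: str) -> Dict[str, str]:
    """Split 'v=DMARC1; p=reject; pct=100' into a tag -> value dict."""
    tags: Dict[str, str] = {}
    for part in record.split(";"):
        part = part.strip()
        if "=" not in part:
            continue
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    return tags

def assess_dmarc(record: str) -> Tuple[str, List[str]]:
    """Return (policy for the domain itself, list of gaps that let spoofed mail through)."""
    findings: List[str] = []
    tags = parse_dmarc(record)
    if tags.get("v", "").upper() != "DMARC1":
        return "none", ["missing or malformed v=DMARC1 tag: receivers ignore the record"]
    policy = tags.get("p", "none").lower()
    if policy != "reject":
        findings.append(f"p={policy}: spoofed mail from the domain is not rejected")
    # sp= defaults to p=; a weaker sp leaves subdomains spoofable
    sub_policy = tags.get("sp", policy).lower()
    if sub_policy != "reject":
        findings.append(f"sp={sub_policy}: spoofed mail from subdomains is not rejected")
    # pct= defaults to 100; anything lower applies the policy to only part of failing mail
    pct_raw = tags.get("pct", "100")
    if not pct_raw.isdigit():
        findings.append(f"pct={pct_raw!r} is not a number")
    elif int(pct_raw) < 100:
        findings.append(f"pct={pct_raw}: policy applied to only {pct_raw}% of failing mail")
    # rua= is where aggregate reports go; without it you never see spoofing attempts
    if "rua" not in tags:
        findings.append("no rua= address: no aggregate reports on who is spoofing the domain")
    return policy, findings

# Constructed sample records (made-up .test domains, not real DNS data)
SAMPLE_RECORDS = {
    "example-none.test": "v=DMARC1; p=none; rua=mailto:dmarc@example-none.test",
    "example-partial.test": "v=DMARC1; p=reject; pct=20; sp=none",
    "example-ok.test": "v=DMARC1; p=reject; rua=mailto:dmarc@example-ok.test",
}

if __name__ == "__main__":
    for domain, record in SAMPLE_RECORDS.items():
        policy, findings = assess_dmarc(record)
        print(f"{domain}: p={policy}", "OK" if not findings else "GAPS: " + "; ".join(findings))
```

A record with `p=reject` but `pct=20` or `sp=none` still answers "no" to question 2, which is why the script reports each gap rather than only the `p=` tag.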

The threat baseline has changed. The defence baseline needs to change with it.

Contact

If this resonated, write to me. I reply personally.