CyberHappenings logo
Home Browse Watchlists Experimental About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

AI-Driven Phishing Attacks Double in Volume Year-Over-Year

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

Phishing attacks detected in 2025 increased more than double compared to 2024, with one email caught every 19 seconds. AI technology is enabling threat actors to generate, test, and deploy phishing campaigns at scale, resulting in faster, more adaptive, and convincing attacks. The rise includes polymorphic, multi-channel campaigns that continuously change their appearance while maintaining malicious intent. AI is helping threat actors compose emails in near-flawless local languages, contributing to a 18% rise in conversational phishing emails. Other trends include highly personalized campaigns, polymorphism by default, and a surge in the use of remote access tools (RATs). The .es TLD saw a 19-fold increase in use for credential phishing, making it the third-most abused domain. The report also noted a 204% increase in phishing emails delivering malware in 2025 compared to 2024.

Timeline

  1. 04.02.2026 16:00 1 articles · 8h ago

    AI-Driven Phishing Attacks Double in Volume Year-Over-Year

    In 2025, phishing attacks detected increased more than double compared to 2024, with one email caught every 19 seconds. AI technology is enabling threat actors to generate, test, and deploy phishing campaigns at scale, resulting in faster, more adaptive, and convincing attacks. The rise includes polymorphic, multi-channel campaigns that continuously change their appearance while maintaining malicious intent. AI is helping threat actors compose emails in near-flawless local languages, contributing to a 18% rise in conversational phishing emails. Other trends include highly personalized campaigns, polymorphism by default, and a surge in the use of remote access tools (RATs). The .es TLD saw a 19-fold increase in use for credential phishing, making it the third-most abused domain. The report also noted a 204% increase in phishing emails delivering malware in 2025 compared to 2024.

    Show sources
    Open in new tab

Information Snippets

  • Phishing emails detected in 2025 increased to one every 19 seconds, more than double the rate of one every 42 seconds in 2024.

    First reported: 04.02.2026 16:00
    1 source, 1 article
    Show sources

  • AI technology is being used by threat actors to generate, test, and deploy phishing campaigns at scale, making attacks faster, more adaptive, and convincing.

    First reported: 04.02.2026 16:00
    1 source, 1 article
    Show sources

  • Conversational phishing emails accounted for 18% of the total, indicating growth in business email compromise (BEC) attacks.

    First reported: 04.02.2026 16:00
    1 source, 1 article
    Show sources

  • Highly personalized campaigns include delivering different payloads based on the type of machine/device and optimizing credential harvesting pages for mobile users.

    First reported: 04.02.2026 16:00
    1 source, 1 article
    Show sources

  • Three-quarters (76%) of initial infection URLs identified by Cofense were unique, indicating the use of AI for personalization.

    First reported: 04.02.2026 16:00
    1 source, 1 article
    Show sources

  • There was a 105% annual increase in detections of legitimate and malicious remote access tools (RATs) in 2025.

    First reported: 04.02.2026 16:00
    1 source, 1 article
    Show sources

  • The use of .es domains for credential phishing increased 19-fold from Q4 2024 to Q1 2025, making it the third-most commonly abused domain.

    First reported: 04.02.2026 16:00
    1 source, 1 article
    Show sources

  • There was a 204% increase in phishing emails delivering malware in 2025 compared to 2024.

    First reported: 04.02.2026 16:00
    1 source, 1 article
    Show sources