Phishing Attacks Drop 20% as Hackers Leverage AI for Smarter Scams

Phishing attack volume has declined by approximately 20% over the past reporting period, according to new data highlighted by Dark Reading, but the decline tells a misleading story. Threat actors are not retreating; they are refining their tradecraft. Rather than casting wide nets with low-effort lures, adversaries are consolidating resources into fewer but significantly more sophisticated campaigns, driven largely by generative AI and large language model (LLM) tooling that automates targeting, localization, and social engineering at scale.

The shift reflects a broader industry transition from quantity to quality. AI-assisted phishing kits can now produce grammatically flawless emails in dozens of languages, clone corporate voice patterns harvested from leaked documents, and generate deepfake audio or video to impersonate executives in real-time vishing and business email compromise (BEC) attacks. According to multiple threat intelligence feeds, the average cost of a successful BEC incident now exceeds $4.7 million per case, making each phishing attempt far more dangerous than volume metrics suggest. Credential harvesting pages, too, have become harder to detect: AI-generated landing domains rotate quickly and often pass automated URL reputation checks.

For defenders, the data underscores that block-list thinking is no longer sufficient. Security teams should be layering behavioral analysis, DMARC enforcement, and continuous employee training that simulates AI-enhanced lures rather than legacy spray-and-pray templates. Individuals who receive unsolicited messages requesting credential re-entry, payment updates, or MFA codes should treat them as hostile by default, regardless of how polished the communication appears.

Practical hygiene still matters. Verify whether your email has appeared in known credential dumps using the email breach checker, audit the strength of reused passwords with the password checker, and run a full privacy checkup to ensure your browser and network configuration aren't leaking signals that aid phishing infrastructure. As attackers weaponize AI, defenders must weaponize vigilance at the same pace.