Editor's Note: This report was authored by Emily Jia

Key Points

  • AI isn't yet creating new attack techniques. It's making familiar ones cheaper, faster, and harder to detect.

  • In our review, AI showed up across phishing, malicious tooling, identity fraud, social engineering, and early post-compromise activity.

  • We observed AI-assisted campaigns producing phishing infrastructure at scale, including clusters of 30 to 40 device-code phishing domains created in parallel.

  • Threat actors are also using interest in AI as the lure, tricking users into installing malicious "AI tools" or following fake setup instructions.

  • Stop looking for one obvious “AI tell” and focus on behavior, visibility, and speed.


AI is stripping the cost, time, and visible flaws out of the attack vectors that already work. The tradecraft is familiar, but the pace isn’t.

Across incident response and dark-web research, we found that threat actors are mostly using AI as something they can plug into existing workflows to save time, reduce effort, and make results more convincing.

In our latest report, “How Threat Actors Are Using AI in Real Attacks,” we examine how AI is showing up across phishing, malicious tooling, identity fraud, social engineering, and AI-themed lures. We also look at what threat actors are saying on dark-web forums, the clues defenders can use in context, and what may come next.

AI Is Improving What Already Works

One clear use case for AI is phishing. We observed campaigns where attackers used AI to help produce convincing phishing pages, polished support text, and branded content designed to blend into legitimate workflows. In one campaign, attackers used AI to create thousands of phishing pages impersonating booking platforms and individual businesses. In another, they spun up 30 to 40 similarly themed device-code phishing domains simultaneously.

That matters because the old warning signs (e.g., obvious typos, awkward wording, clumsy formatting) are becoming less dependable. AI can smooth those away quickly, which means a phishing page no longer has to look rough to be malicious.
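As an added example (not code from the report): one way to turn the "30 to 40 domains created in parallel" observation into a signal that does not depend on how polished a page looks. It takes a constructed feed of first-seen domains (the names are invented here), collapses numbered or re-hyphenated variants of one naming template, and clusters near-identical names that appear within a short window. The 15-minute window, the 0.5 trigram-similarity threshold and the minimum cluster size of five are assumptions to tune against your own certificate-transparency or registrar feed.

```python
import re
from datetime import datetime, timedelta
from itertools import combinations

# Constructed feed of newly observed domains with first-seen timestamps.
# Names are invented for this example and do not refer to real infrastructure.
NEW_DOMAINS = [
    ("2025-01-14T09:01:10", "login-devicecode-verify01.example"),
    ("2025-01-14T09:01:42", "login-devicecode-verify02.example"),
    ("2025-01-14T09:02:05", "devicecode-login-verify03.example"),
    ("2025-01-14T09:02:40", "login-devicecode-verify04.example"),
    ("2025-01-14T09:03:11", "devicecode-verify-login05.example"),
    ("2025-01-14T09:03:59", "login-device-code-verify06.example"),
    ("2025-01-14T09:45:00", "bakery-on-main.example"),
    ("2025-01-14T11:20:00", "login-devicecode-verify07.example"),  # same theme, hours later
    ("2025-01-14T12:00:00", "quarterly-report-portal.example"),
]

WINDOW = timedelta(minutes=15)   # assumed: "in parallel" means within this span
MIN_CLUSTER = 5                  # assumed: fewer look-alikes is not worth an alert
MIN_SIMILARITY = 0.5             # assumed: Jaccard similarity on character trigrams


def normalize(domain):
    """Strip the TLD, then drop digits and separators so that numbered or
    re-hyphenated variants of one template collapse to the same string."""
    label = domain.split(".")[0].lower()
    return re.sub(r"[^a-z]", "", label)


def trigrams(s):
    return {s[i:i + 3] for i in range(len(s) - 2)}


def similarity(a, b):
    """Jaccard similarity of character trigrams; robust to token reordering."""
    ta, tb = trigrams(normalize(a)), trigrams(normalize(b))
    if not ta or not tb:
        return 0.0
    return len(ta & tb) / len(ta | tb)


def find_parallel_clusters(feed, window=WINDOW, min_cluster=MIN_CLUSTER,
                           min_sim=MIN_SIMILARITY):
    """Single-linkage clustering: two domains link if they were first seen
    within `window` of each other AND their names are near-identical.
    Returns clusters (sorted lists of domains) of at least `min_cluster`."""
    events = sorted((datetime.fromisoformat(ts), d) for ts, d in feed)
    parent = list(range(len(events)))

    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]
            i = parent[i]
        return i

    for i, j in combinations(range(len(events)), 2):
        if events[j][0] - events[i][0] > window:
            continue  # not created in parallel
        if similarity(events[i][1], events[j][1]) >= min_sim:
            parent[find(i)] = find(j)

    groups = {}
    for i, (_, d) in enumerate(events):
        groups.setdefault(find(i), []).append(d)
    return [sorted(g) for g in groups.values() if len(g) >= min_cluster]


if __name__ == "__main__":
    for cluster in find_parallel_clusters(NEW_DOMAINS):
        print(f"{len(cluster)} look-alike domains created in parallel:")
        for d in cluster:
            print("  ", d)
```

The seventh themed domain, registered two hours later, is deliberately left out of the cluster: the timing constraint is what separates a coordinated batch from a single look-alike that a brand-monitoring feed would already catch.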

The same pattern showed up in malicious tooling. We reviewed web shells, credential harvesters, and loaders with signs consistent with AI-assisted generation, including repetitive explanatory comments, generic variable naming, and padded code designed to frustrate static analysis. In several SAP NetWeaver incidents, the same web shell was deployed across six to eight hosts within hours. In one case, just 60 seconds passed between the shell being uploaded and the first reconnaissance command.
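An added example, not from the report or any vendor's tooling, showing how the two timings above (seconds from upload to first command, hours from host to host) can be written as behavioral detections over web-server and endpoint telemetry rather than as signatures on the shell's source. The log schemas, hostnames, the `java` parent process, the file path and the 120-second and 8-hour thresholds are all constructed for this example.

```python
from datetime import datetime, timedelta

# Constructed web-server log entries: (host, timestamp, method, path, status)
WEB_UPLOADS = [
    ("app01", "2025-01-14T02:10:00", "PUT", "/uploads/helper.jsp", 201),
    ("app02", "2025-01-14T02:55:00", "PUT", "/uploads/helper.jsp", 201),
    ("app03", "2025-01-14T03:40:00", "PUT", "/uploads/helper.jsp", 201),
    ("app04", "2025-01-14T10:05:00", "POST", "/uploads/report.pdf", 200),
]

# Constructed process-creation telemetry: (host, timestamp, parent_image, command_line)
PROCESS_EVENTS = [
    ("app01", "2025-01-14T02:10:58", "java", "/bin/sh -c whoami"),
    ("app01", "2025-01-14T02:11:05", "java", "/bin/sh -c id; uname -a"),
    ("app02", "2025-01-14T02:56:10", "java", "/bin/sh -c whoami"),
    ("app03", "2025-01-14T09:00:00", "java", "/bin/sh -c hostname"),  # hours later
    ("app04", "2025-01-14T10:30:00", "cron", "/usr/bin/logrotate"),
]

SERVER_SIDE_EXT = (".jsp", ".jspx", ".php", ".aspx", ".ashx")
# Assumed: application-server images that have no business spawning a shell.
WEB_PARENTS = {"java", "httpd", "nginx", "w3wp.exe", "php-fpm"}
SHELLS = ("/bin/sh", "/bin/bash", "cmd.exe", "powershell")


def _t(s):
    return datetime.fromisoformat(s)


def is_server_side_upload(method, path, status):
    """A successful write of a file the server would execute on request."""
    return (method in ("PUT", "POST") and 200 <= status < 300
            and path.lower().endswith(SERVER_SIDE_EXT))


def fast_hands_on_keyboard(uploads, procs, window=timedelta(seconds=120)):
    """For each executable upload, find the first shell spawned by the web
    server on that host afterwards; flag it if the gap is within `window`."""
    findings = []
    for host, ts, method, path, status in uploads:
        if not is_server_side_upload(method, path, status):
            continue
        t_up = _t(ts)
        spawns = sorted(
            (_t(p_ts), parent, cmd)
            for p_host, p_ts, parent, cmd in procs
            if p_host == host and parent in WEB_PARENTS
            and cmd.startswith(SHELLS) and _t(p_ts) >= t_up
        )
        if not spawns:
            continue
        t_first, parent, cmd = spawns[0]
        delay = int((t_first - t_up).total_seconds())
        if delay <= window.total_seconds():
            findings.append({"host": host, "path": path, "delay_seconds": delay,
                             "parent": parent, "command": cmd})
    return findings


def multi_host_deployment(uploads, window=timedelta(hours=8), min_hosts=3):
    """Flag an executable path written to `min_hosts` or more distinct hosts
    within `window`: the same tool being rolled out across an estate."""
    by_path = {}
    for host, ts, method, path, status in uploads:
        if is_server_side_upload(method, path, status):
            by_path.setdefault(path, []).append((_t(ts), host))
    findings = []
    for path, seen in by_path.items():
        seen.sort()
        for start, _ in seen:
            in_window = [(t, h) for t, h in seen if start <= t <= start + window]
            hosts = sorted({h for _, h in in_window})
            if len(hosts) >= min_hosts:
                span = (in_window[-1][0] - in_window[0][0]).total_seconds() / 3600
                findings.append({"path": path, "hosts": hosts,
                                 "span_hours": round(span, 1)})
                break
    return findings


if __name__ == "__main__":
    for f in fast_hands_on_keyboard(WEB_UPLOADS, PROCESS_EVENTS):
        print(f"{f['host']}: shell {f['delay_seconds']}s after {f['path']} -> {f['command']}")
    for f in multi_host_deployment(WEB_UPLOADS):
        print(f"{f['path']} deployed to {f['hosts']} within {f['span_hours']}h")
```

Neither rule inspects the uploaded file's contents, so padded code, generic variable names or AI-generated comments make no difference to it; what it keys on is the sequence (write an executable file, then have the server spawn a shell) and the rate at which that sequence repeats across hosts.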

The Same Shift Applies to Social Engineering

AI is also helping attackers on the human side of intrusion activity.

We saw that in DPRK remote IT-worker fraud, where AI is making it easier to create polished, disposable fake personas credible enough to get through hiring or onboarding.

More broadly, AI is improving the quality of social-engineering content across phone, web, and identity workflows. That includes cleaner copy, more natural-sounding scripts, more believable branding, and better localization. In practical terms, that makes it easier for attackers to build trust and harder for users to rely on surface-level warning signs.

Sometimes AI Is the Lure

In some campaigns, AI was the hook rather than part of the workflow.

We investigated malware delivery campaigns that used interest in AI tools to get users to install malicious extensions, run terminal commands, or follow fake setup instructions. The lure worked because it looked routine, especially for technical users. Downloading a new extension or copying an install command is normal behavior in many developer environments.

That makes these campaigns less about AI capability and more about adoption gaps. When demand for a new tool moves faster than internal approval and distribution processes, attackers get an opening.

What Defenders Should Focus On

The real issue isn’t whether AI is present, but whether security teams can still detect, investigate, and respond when attackers move faster, scale more easily, and produce more convincing output.

AI-enabled threats don’t require a separate defense strategy. Organizations need strong visibility across identity, endpoint, network, cloud, email, web, and external infrastructure, along with defenses built on behavior and context rather than surface appearance. They also need defense in depth, so a single successful lure, stolen credential, or malicious install doesn’t immediately turn into a broader compromise.

AI and automation also need to play a larger role on the defensive side. Used well, they can help correlate weak signals earlier, reduce triage time, enrich investigations, and trigger coordinated response before a fast-moving intrusion becomes a larger incident.