AI-Driven Phishing: How to Recognise the New Attacks
Phishing emails are becoming increasingly convincing thanks to AI. Learn how to recognise AI-driven phishing and protect your business with practical tips.
AI-driven phishing is the fastest-growing cyber threat for SMEs in 2026. Where phishing emails were once recognisable by poor language and odd formatting, criminals now use artificial intelligence to produce messages that are virtually indistinguishable from the real thing. In this article, you will learn how these new attacks work, why they are so effective, and what you can do about them.
What is AI-driven phishing?
AI-driven phishing is a form of cybercrime in which attackers use generative AI (such as ChatGPT-like tools) to create convincing fake messages. This goes beyond just email: Teams messages, text messages and even phone calls with AI-generated voices are also being used.
| Aspect | Traditional phishing |
|---|---|
| Language | Often poor, spelling mistakes |
| Personalisation | Generic ('Dear customer') |
| Volume | Mass identical emails |
| Speed | Manually composed |
| Channels | Mainly email |
Why is it so dangerous?
The figures speak for themselves.
10x more attempts in one year (source: KPN)
46% increase in AI phishing content (source: Microsoft)
7M+ attacks/week blocked at NL businesses (source: KPN)
According to the Anti-Phishing Working Group (APWG), over 1.13 million phishing attacks were recorded in the second quarter of 2025 — the highest level since 2023.
What makes AI phishing so effective?
Old vs. new phishing
The “standard red flags” you may know from training are becoming less and less reliable.
| Red flag | Used to work |
|---|---|
| Spelling and grammar errors | Yes, clear signal |
| Strange sender | Yes, @gmail.com for a 'bank' |
| Generic greeting | Yes, 'Dear customer' |
| Illogical request | Yes, Nigerian prince |
| Suspicious link | Yes, clearly wrong URL |
New forms of AI phishing
How can you still recognise it?
Although the old signals are less reliable, there are new red flags to watch for.
The STOP principle
Stop: Do not click straight away. Take a moment to pause with every unexpected request.
Think: Does this make sense? Am I expecting this message? Is the request logical?
Observe: Check the sender, the link (hover without clicking), the context.
Proceed: Only if everything checks out. If in doubt: verify via a different channel.
What can your business do?
Effective protection against AI phishing requires a combination of technology and human awareness.
Technical measures
Read more about multi-factor authentication and why it forms the foundation of every security strategy.
Human measures
The role of NIS2
The NIS2 directive requires businesses to take “appropriate and proportionate security measures”, including security awareness training. For many SMEs, this becomes an obligation through the supply chain: clients that fall under NIS2 will impose requirements on their suppliers.
Read more about the NIS2 directive and what it means for your business.
Common objections
| Objection | Reality |
|---|---|
| We are too small to be attacked | SMEs are actually a favourite target due to limited security |
| Our email filter catches everything | AI phishing bypasses traditional filters more and more often |
| Our people are smart enough | Even security experts fall for well-crafted AI phishing |
| Phishing training is expensive and time-consuming | A successful attack costs tens of thousands of euros in damage on average |
€50,000+ average damage, SME ransomware attack
21 days average downtime after an attack
60% of SMEs cease operations within 6 months after a cyber attack (source: NCSC)
Conclusion
AI has fundamentally changed the playing field of phishing. The emails are better, the attacks are more targeted, and the volumes are greater than ever. But with the right cybersecurity measures, you are not powerless.
Need help?
At Barion, we help SMEs with phishing protection. From security awareness training and phishing simulations to advanced email security and tailored cybersecurity solutions.
Ronald Evers
IT specialist at Barion with over 20 years of experience in SME IT. Ronald writes about IT trends, cybersecurity and digital transformation.