SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers

AI-powered phishing threats outpace business defences & SOC teams

Sat, 18th Oct 2025

Generative artificial intelligence and agentic systems are changing the tactics and scope of phishing and smishing, posing new risks for business security operations.

Large language models, voice synthesis tools, and autonomous software agents are now at the core of a shift that sees criminal actors conducting increasingly precise, multilingual, and adaptive cyberattacks. These developments challenge familiar defences and have compelled Chief Information Security Officers (CISOs) and security leaders to reconsider their strategic approach to digital threats.

A new generation of threats

Generative AI tools can produce highly convincing phishing messages across more than one hundred languages, with attackers able to scrape information from sources such as LinkedIn, press releases, or old data breaches to create messages that reference ongoing projects and real colleagues. These emails often closely imitate genuine internal or supplier communications.

Voice and video synthesis adds a further complication for defenders. Attackers can clone executive voices using short samples of recorded audio and, with deepfake videos, simulate high-level video calls just convincingly enough to authorise financial transfers or announce operational changes.

These methods take advantage of the trust that underpins so much of digital business interaction, transitioning phishing and smishing from isolated incidents to threats with potential impact across finance, operations, compliance, and reputation risk.

Changing attack architecture

Today's phishing and smishing campaigns are not limited to email. Attackers utilise cloud infrastructure and automation pipelines and may even operate AI-as-a-service models. Generative AI can provide the attack content, while agentic AI systems manage the orchestration of attacks across multiple channels, including email, SMS, phone calls, and social platforms.

"These agentic systems don't just blast out emails - they orchestrate multi-channel attacks across email, SMS, voice calls, and social platforms. They monitor how victims respond, learn from each interaction, and adjust tone, timing, and medium in real time. If email doesn't work, they pivot to text messages. If that fails, they might try LinkedIn messages or phone calls using voice clones."

This approach, referred to by security researchers as Advanced Persistent Manipulation (APM), means attackers can take more time to cultivate relationships and refine their attacks through multiple attempts and platforms.

Limitations of traditional defences

Common cyber security protocols have struggled to keep pace with this evolution. Organisations have previously relied heavily upon user awareness training (teaching employees to recognise poorly worded messages or suspicious URLs), but generative AI has eliminated many cues that were once clear signs of phishing.

AI-powered attacks are also dramatically cheaper to scale, allowing attackers to target thousands of individuals with greater personalisation and almost no additional cost. In contrast, Security Operations Centre (SOC) teams must analyse each incident, often requiring manual investigation, which places additional pressure on already overstretched staff.

"The economics are also shifting. AI lets attackers send out thousands of personalized lures at negligible cost. Defenders, meanwhile, have to analyze each one individually - often involving human analysts. SOC teams are already overloaded; AI is making that worse by flooding them with convincing, high-fidelity threats."

The increased sophistication of attacks further erodes digital trust. Stricter verification processes introduced to compensate can affect employee productivity, so organisations must strike a balance that does not leave them exposed to new threats.

Building a resilient security strategy

Check Point Software outlines several key recommendations for CISOs in adapting to the changing threat landscape. These include integrating machine learning to analyse tone and context in communications, extending Zero Trust principles beyond networks into all messaging platforms, and using Extended Detection and Response (XDR) platforms to correlate signals across multiple domains. The company notes platforms such as Check Point Harmony Email & Collaboration and Check Point Infinity XDR as examples of these approaches in practice.

Attention to mobile device protection is also highlighted due to the rise of smishing. As mobile devices can bypass many traditional email security measures, comprehensive protections such as Check Point Harmony Mobile are recommended.

Automated security response capabilities are also vital to counteract attackers' use of AI, enabling near-instant isolation of compromised accounts and infrastructure.

"When attackers move at machine speed, defenders can't rely on manual processes. Security orchestration and automated response (SOAR) solutions isolate compromised accounts, quarantine malicious messages, and block infrastructure within seconds. Speed matters."

Governance and regulatory requirements

Increasing regulatory obligations are pushing organisations to adapt their security frameworks faster. Global regulations such as the SEC's new cyber reporting rules, GDPR, HIPAA, PCI DSS, and GLBA all demand adaptive risk management from large organisations, with non-compliance potentially leading to penalties.

Boards and cyber insurers are both asking for more transparency around AI threats and demanding evidence that investments in defence are effective, with coverage standards and premiums reflecting these new expectations.

CISO priorities

Generative AI and agentic systems have already become established tools for threat actors, transforming phishing and smishing risks into urgent priorities for defenders. As organisations work to adapt, the need for AI-native cybersecurity technologies, multi-channel detection, mobile defence, automation and strategic alignment with governance and compliance regimes is both clear and pressing.

"Generative AI and agentic systems are not a distant future threat - they're here, reshaping phishing and smishing right now. Attackers have already adapted. The real question is: can defenders keep pace? For CISOs, this moment calls for decisive action."

The latest developments highlight how important it is for businesses to review and evolve their strategies in response to the rapidly shifting capabilities of AI-powered cyber threats.
