AI Phishing vs Traditional Phishing: How the Rules Changed and How to Protect Your Business
- ESKA ITeam
Phishing didn’t disappear. It evolved.
The “classic” phishing email with broken English is no longer the baseline. Attackers now use generative AI to produce believable messages at scale, adapt in real time, and expand beyond email into voice calls, chat apps, QR codes, and OAuth consent prompts. Europol explicitly notes that wider adoption of large language models (LLMs) is improving social engineering by tailoring victim communication and automating parts of the criminal process.
At the same time, defenders are getting better tools—especially phishing-resistant authentication (passkeys/WebAuthn) and stronger identity controls. But protection requires an updated playbook.
What counts as “traditional phishing” vs “AI phishing”?
Traditional phishing
A message (usually email) that tries to trick a user into:
clicking a malicious link,
opening an attachment,
entering credentials on a fake login page,
or paying a fraudulent invoice.
The attacker relies heavily on volume and human mistakes.
AI phishing
Phishing where generative AI meaningfully improves quality, speed, or personalization:
hyper-personalized pretexts (based on public data),
flawless grammar and tone matching,
multi-language targeting,
rapid iteration (A/B testing subject lines and content),
automated conversations (chat/email back-and-forth),
voice cloning or deepfake audio for vishing,
and more “modern” identity attacks like token theft and OAuth consent abuse.
The human element remains the weak point: Verizon’s 2025 DBIR executive summary reports that breaches involving a human element are “hovering around 60%.”
AI phishing vs traditional phishing
| Dimension | Traditional phishing | AI phishing |
| --- | --- | --- |
| Message quality | Often sloppy, templated | Polished, context-aware, tone-matched |
| Personalization | Light (“Dear user…”) | Deep (role, vendor, project references) |
| Channels | Mostly email | Email + SMS + chat + QR + voice deepfake |
| Iteration speed | Manual | Near-instant testing and rewriting |
| Goal | Credentials/payment | Credentials + tokens + OAuth access + persistence |
| Detection signals | Typos, weird formatting | Fewer “obvious” red flags; more behavioral signals needed |
| Scale | High | Higher—automation reduces attacker cost |
How the rules changed (the new playbook attackers use)
1) AI makes social engineering “industrial”
LLMs reduce the attacker’s cost of producing convincing text, adapting to different industries, and writing in the victim’s native language. Europol highlights that LLM adoption improves the efficacy of social engineering by tailoring communication and automating criminal processes.
Business impact: more believable lures, higher conversion, and more targeted scams (finance, HR, procurement, exec assistants).
2) Phishing is no longer “just credential theft” - it’s token theft and session hijacking
Adversary-in-the-middle (AiTM) phishing kits proxy the genuine login page: the victim completes the real sign-in, including MFA, through the attacker’s relay, and the kit harvests the resulting session cookies/tokens. Replaying that session lets the attacker bypass many MFA methods after the user “successfully logs in.”
Microsoft published a January 21, 2026 report on a multi-stage AiTM phishing and BEC campaign abusing SharePoint file sharing and inbox rule persistence—illustrating how modern phishing chains go beyond passwords.
Business impact: a compromised mailbox becomes a platform for internal phishing, invoice fraud, and vendor impersonation.
3) Domain spoofing and “trust wrapping” got smarter
Instead of obviously fake domains, attackers exploit routing complexity and misconfigurations to spoof domains and make messages appear internal or vendor-trusted. Microsoft covered this in a January 6, 2026 post focused on spoofing techniques and invoice-style fraud.
Business impact: the email looks legitimate even to trained staff.
4) OAuth consent phishing and “legit login portals” are mainstream
A modern phish may never ask for a password. Instead, it convinces the user to grant permissions to a malicious app (OAuth consent) or walks them through a device code flow that authorizes an attacker-initiated sign-in. Microsoft’s Entra team describes OAuth consent phishing and how to prevent it.
Business impact: persistent access via refresh tokens and delegated permissions can outlive password resets.
5) Multi-channel phishing is the default (email + chat + voice)
In 2026, many successful attacks are chained across several channels:
email to set context,
Teams/Slack message to “follow up,”
voice call to apply urgency,
link to a file-sharing platform to look normal.
This is why “spot the typo” training is no longer enough.
6) Third-party involvement is rising—vendor impersonation scales
Verizon’s DBIR executive summary notes third-party involvement in breaches doubling from 15% to 30%.
Business impact: procurement and finance teams face higher risk from fake vendor payment-change requests and “new bank details” scams.
Why phishing still works (even with security tools)
Because phishing is not primarily a technical problem - it’s an identity + workflow problem.
People are busy.
Businesses move money and data quickly.
Tooling can’t perfectly judge intent.
Attackers only need one slip in an approval chain.
Financial losses remain severe. The FBI’s 2024 Internet Crime Report (released in 2025) reports losses exceeding $16 billion. Business Email Compromise is consistently among the most damaging categories, with IC3 tracking tens of thousands of BEC complaints yearly.
How to protect your business (a practical defense blueprint)
Layer 1: Identity-first security (the highest ROI)
Move to phishing-resistant authentication
Passwords + OTP codes are not enough against AiTM and modern token theft.
NIST’s digital identity guidance explicitly notes that OTP methods are not phishing-resistant, and points to WebAuthn/FIDO2-style approaches as examples that provide phishing resistance through verifier name binding.
What to implement:
Passkeys (FIDO / WebAuthn) for workforce authentication where possible. The FIDO Alliance describes passkeys as phishing-resistant, passwordless credentials.
Support and controls for passkeys are expanding across major ecosystems (for example, Google has promoted passkeys as phishing-resistant).
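To make the “verifier name binding” point concrete, here is an added example (not ESKA’s, NIST’s or any vendor’s code) of the relying-party checks in a WebAuthn authentication ceremony that an AiTM relay cannot satisfy. It uses only the Python standard library, so the authenticator’s public-key signature is replaced by a constructed HMAC stand-in; a real relying party verifies an ECDSA/Ed25519 signature with the public key stored at registration. The relying party id `login.example.com`, the allowed origin, the challenge and the lookalike domain are assumed values.

```python
"""Relying-party checks that make WebAuthn/passkeys phishing-resistant.

Added example (not ESKA's, NIST's or any vendor's code). Standard library only,
so the authenticator's public-key signature is replaced by a constructed HMAC
stand-in; a real relying party verifies ECDSA/Ed25519 with the public key
stored at registration. Origins and rpId below are assumed values.
"""
import base64
import hashlib
import hmac
import json
import struct

FLAG_USER_PRESENT = 0x01
FLAG_USER_VERIFIED = 0x04

RP_ID = "login.example.com"                      # assumed relying party id
ALLOWED_ORIGINS = {"https://login.example.com"}  # assumed genuine origin
CHALLENGE = bytes(range(32))                     # constructed; use os.urandom(32) in practice


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def verify_assertion(expected_challenge, rp_id, allowed_origins,
                     client_data_json, authenticator_data, signature, verify_sig):
    """Relying-party side of the WebAuthn authentication ceremony.

    Returns (ok, reason). The origin and rpIdHash checks are what defeat an
    AiTM relay: the browser writes the page's real origin into clientDataJSON
    and the authenticator scopes the credential to the rpId, so data captured
    on a lookalike domain never validates against the genuine site.
    """
    client_data = json.loads(client_data_json)
    if client_data.get("type") != "webauthn.get":
        return False, "wrong ceremony type"
    if client_data.get("challenge") != b64url(expected_challenge):
        return False, "challenge mismatch (stale or replayed)"
    origin = client_data.get("origin")
    if origin not in allowed_origins:
        return False, f"origin {origin!r} not allowed"
    if len(authenticator_data) < 37:
        return False, "authenticator data too short"
    rp_id_hash, flags = authenticator_data[:32], authenticator_data[32]
    counter = struct.unpack(">I", authenticator_data[33:37])[0]
    if not hmac.compare_digest(rp_id_hash, hashlib.sha256(rp_id.encode()).digest()):
        return False, "rpIdHash does not match the relying party"
    if not flags & FLAG_USER_PRESENT:
        return False, "user presence flag not set"
    # The authenticator signed authenticatorData || SHA-256(clientDataJSON).
    signed = authenticator_data + hashlib.sha256(client_data_json).digest()
    if not verify_sig(signed, signature):
        return False, "signature invalid"
    return True, f"ok (signature counter {counter})"


# --- constructed stand-in for the credential key pair (HMAC, demo only) ---
DEMO_KEY = b"demo-credential-key"


def demo_sign(data: bytes) -> bytes:
    return hmac.new(DEMO_KEY, data, hashlib.sha256).digest()


def demo_verify(data: bytes, signature: bytes) -> bool:
    return hmac.compare_digest(demo_sign(data), signature)


def simulate_browser(page_origin, rp_id_for_page, challenge, counter=7):
    """What a browser + authenticator return for a page at page_origin.

    The browser only allows an rpId that is a registrable suffix of the
    page's own domain, so a phishing page cannot claim login.example.com.
    """
    client_data_json = json.dumps({
        "type": "webauthn.get", "challenge": b64url(challenge), "origin": page_origin,
    }).encode()
    auth_data = (hashlib.sha256(rp_id_for_page.encode()).digest()
                 + bytes([FLAG_USER_PRESENT | FLAG_USER_VERIFIED])
                 + struct.pack(">I", counter))
    signature = demo_sign(auth_data + hashlib.sha256(client_data_json).digest())
    return client_data_json, auth_data, signature


def legit_login():
    """User signs in on the genuine site."""
    return verify_assertion(CHALLENGE, RP_ID, ALLOWED_ORIGINS,
                            *simulate_browser("https://login.example.com", RP_ID, CHALLENGE),
                            demo_verify)


def aitm_relay():
    """A relay forwards the real challenge through a lookalike domain (constructed name)."""
    phish_origin = "https://login-example.phish.test"
    captured = simulate_browser(phish_origin, "login-example.phish.test", CHALLENGE)
    return verify_assertion(CHALLENGE, RP_ID, ALLOWED_ORIGINS, *captured, demo_verify)


if __name__ == "__main__":
    print("genuine:", legit_login())
    print("relayed:", aitm_relay())
```

Running it shows the genuine sign-in passing and the relayed one failing on the origin check before any signature is even considered. This is the property OTP codes lack: a code typed into a lookalike page is just as valid on the real site, whereas a passkey assertion carries the origin it was produced for.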
Add conditional access + device posture
Even with strong auth, reduce risk by requiring:
compliant devices,
trusted locations (or risk-based policies),
impossible travel detection,
session risk controls.
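As an added example of the “impossible travel” signal (not ESKA’s or any identity provider’s code), the block below runs the check over constructed sign-in records. It assumes geo-IP coordinates are already attached to each event, as most IdP sign-in logs provide, and uses an assumed speed threshold that you would tune to your VPN and travel patterns.

```python
"""Impossible-travel check over sign-in events.

Added example, not ESKA's or any identity provider's code. Sign-in records
(user, time, IP, geo-IP coordinates) are constructed; real input would come
from your IdP's sign-in log with geolocation already attached.
"""
import math
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass
class SignIn:
    user: str
    ts: datetime
    ip: str
    lat: float
    lon: float


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in km between two points given in degrees."""
    r = 6371.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = math.radians(lat2 - lat1)
    dlam = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2
    return 2 * r * math.asin(math.sqrt(a))


def impossible_travel(events, max_speed_kmh=900.0, min_distance_km=100.0):
    """Flag consecutive sign-ins per user whose implied speed exceeds max_speed_kmh.

    min_distance_km suppresses geo-IP jitter inside one metro area; max_speed_kmh
    sits a little above airliner cruise speed (assumed threshold, tune it).
    """
    per_user = {}
    for e in sorted(events, key=lambda e: (e.user, e.ts)):
        per_user.setdefault(e.user, []).append(e)
    findings = []
    for user, evs in per_user.items():
        for prev, cur in zip(evs, evs[1:]):
            km = haversine_km(prev.lat, prev.lon, cur.lat, cur.lon)
            if km < min_distance_km:
                continue
            hours = (cur.ts - prev.ts).total_seconds() / 3600
            kmh = km / hours if hours > 0 else math.inf
            if kmh > max_speed_kmh:
                findings.append({"user": user, "from_ip": prev.ip, "to_ip": cur.ip,
                                 "km": round(km), "hours": round(hours, 2), "kmh": round(kmh)})
    return findings


# Constructed sample: three users over one morning (coordinates are city centres).
T0 = datetime(2026, 2, 2, 9, 0, tzinfo=timezone.utc)
SAMPLE = [
    SignIn("alice", T0, "203.0.113.10", 50.45, 30.52),                            # Kyiv
    SignIn("alice", T0 + timedelta(minutes=90), "198.51.100.7", -23.55, -46.63),  # Sao Paulo
    SignIn("bob", T0, "203.0.113.11", 50.45, 30.52),                              # Kyiv
    SignIn("bob", T0 + timedelta(hours=3), "192.0.2.44", 52.23, 21.01),           # Warsaw
    SignIn("carol", T0, "203.0.113.12", 50.45, 30.52),                            # Kyiv, office
    SignIn("carol", T0 + timedelta(minutes=5), "203.0.113.99", 50.40, 30.60),     # Kyiv, mobile
]


def detect_sample():
    return impossible_travel(SAMPLE)


if __name__ == "__main__":
    for f in detect_sample():
        print(f"{f['user']}: {f['km']} km in {f['hours']} h ({f['kmh']} km/h) "
              f"{f['from_ip']} -> {f['to_ip']}")
```

Only alice is flagged: about 11,000 km in 90 minutes. Bob’s Kyiv-to-Warsaw hop in three hours and Carol’s two Kyiv addresses within the distance floor are left alone. In a conditional access policy this finding would raise session risk and force re-authentication rather than block outright, since legitimate VPN exits produce the same pattern.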
Treat sessions/tokens as assets
Have a standard response motion for suspected AiTM:
revoke sessions/tokens,
reset credentials,
review MFA method changes,
remove malicious inbox rules,
audit OAuth app grants and refresh tokens.
(These steps align with how modern AiTM/BEC chains maintain persistence.)
Layer 2: Email and domain controls that actually matter
Enforce SPF, DKIM, and DMARC—then monitor them
DMARC in quarantine/reject mode (not “none” forever)
monitor lookalike domains and DMARC failures
protect executive display names (impersonation policies)
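This added example (not ESKA’s or any mail vendor’s code) shows what “enforce, then monitor” means in practice for the spoofing discussed in section 3 and the DMARC items above: it grades a DMARC record for the weaknesses a defender should remove, then applies identifier alignment to a constructed Authentication-Results header to show why a vendor-impersonation message with passing SPF and DKIM still fails DMARC. Domains and records are placeholders, and the organizational-domain logic is simplified to the last two labels (production code should use the Public Suffix List).

```python
"""DMARC record assessment and per-message alignment check.

Added example, not ESKA's or any mail vendor's code. Records and the
Authentication-Results header below are constructed; organizational-domain
detection is simplified to the last two labels (production code should use
the Public Suffix List). Domains are placeholders.
"""
import re


def parse_dmarc(txt):
    """Parse 'v=DMARC1; p=...; ...' into a tag dict; None if it is not a DMARC record."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags if tags.get("v", "").upper() == "DMARC1" else None


def assess_dmarc(txt):
    """Findings a defender cares about: weak policy, partial enforcement, no monitoring."""
    tags = parse_dmarc(txt)
    if tags is None:
        return ["no valid DMARC record: receivers apply no policy to spoofed mail"]
    findings = []
    policy = tags.get("p", "none")
    if policy == "none":
        findings.append("p=none: monitor-only, spoofed messages are still delivered")
    if tags.get("sp") == "none" and policy != "none":
        findings.append("sp=none: subdomains can be spoofed despite the stricter p=")
    pct = int(tags.get("pct", "100"))
    if pct < 100:
        findings.append(f"pct={pct}: policy is applied to only {pct}% of failing mail")
    if "rua" not in tags:
        findings.append("no rua=: aggregate reports are not collected, so failures go unseen")
    return findings


def org_domain(domain):
    """Simplified organizational domain (last two labels)."""
    return ".".join(domain.lower().split(".")[-2:])


def aligned(auth_domain, from_domain, mode):
    """DMARC identifier alignment: 's' strict (exact), 'r' relaxed (same org domain)."""
    if mode == "s":
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)


_AR_RE = re.compile(r"\b(spf|dkim)=(\w+)(?:[^;]*?\b(?:smtp\.mailfrom|header\.d)=([^\s;]+))?")


def parse_auth_results(header):
    """Pull spf/dkim verdicts and their domains out of an Authentication-Results header."""
    return {m.group(1): (m.group(2).lower(), (m.group(3) or "").lower())
            for m in _AR_RE.finditer(header)}


def evaluate_message(record_txt, from_domain, auth_results_header):
    """Return the DMARC disposition: 'pass', or the record's p= value when unaligned."""
    tags = parse_dmarc(record_txt)
    if tags is None:
        return "none"
    results = parse_auth_results(auth_results_header)
    spf_verdict, spf_dom = results.get("spf", ("none", ""))
    dkim_verdict, dkim_dom = results.get("dkim", ("none", ""))
    spf_ok = spf_verdict == "pass" and spf_dom and aligned(spf_dom, from_domain, tags.get("aspf", "r"))
    dkim_ok = dkim_verdict == "pass" and dkim_dom and aligned(dkim_dom, from_domain, tags.get("adkim", "r"))
    return "pass" if (spf_ok or dkim_ok) else tags.get("p", "none")


# Constructed inputs.
WEAK_RECORD = "v=DMARC1; p=none"
STRONG_RECORD = "v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s; rua=mailto:dmarc@example.com"
# Vendor-impersonation pattern: SPF and DKIM both pass, but only for the sender's own domain.
SPOOF_AR = ("mx.example.com; spf=pass smtp.mailfrom=bounce.sender.test; "
            "dkim=pass header.d=sender.test")
LEGIT_AR = "mx.example.com; spf=fail smtp.mailfrom=other.test; dkim=pass header.d=example.com"


if __name__ == "__main__":
    print(assess_dmarc(WEAK_RECORD))
    print(assess_dmarc(STRONG_RECORD))
    print(evaluate_message(STRONG_RECORD, "example.com", SPOOF_AR))   # reject
    print(evaluate_message(STRONG_RECORD, "example.com", LEGIT_AR))   # pass
```

The point of the second half is that “SPF pass” and “DKIM pass” in a header say nothing on their own; what DMARC enforces is that at least one of those passing identifiers is aligned with the visible From domain. Feeding your own `rua=` aggregate reports through `assess_dmarc`-style checks is the monitoring half of the control.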
Harden inbound trust paths
Attackers increasingly “wrap trust” with file-sharing and collaboration links. Microsoft has documented file hosting service abuse for identity phishing.
Controls that help:
safe link rewriting / time-of-click analysis
attachment sandboxing
block newly registered domains where feasible
restrict automatic forwarding rules
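Inbox rules show up twice in this article: as the persistence step in the AiTM/BEC chains from section 2 (and the “remove malicious inbox rules” response step above) and as the forwarding restriction here. The added example below (not ESKA’s or Microsoft’s code) serves both: it scores inbox-rule audit events for the patterns those chains rely on, external forwarding, deletion, hiding in rarely read folders, and finance or credential keywords. The events are constructed and only loosely follow the parameter names of Exchange inbox rules; the scoring weights and organization domains are assumptions.

```python
"""Triage of inbox-rule audit events for AiTM/BEC persistence patterns.

Added example, not ESKA's or Microsoft's code. The event records are
constructed and only loosely follow the parameter names of Exchange inbox
rules (ForwardTo, RedirectTo, DeleteMessage, MoveToFolder, ...); adapt the
field access to your mailbox audit log export. Domains are placeholders.
"""
import re

ORG_DOMAINS = {"example.com"}                     # assumed: your own mail domains
SENSITIVE_WORDS = {"invoice", "payment", "wire", "bank", "password", "mfa", "verification"}
HIDING_FOLDERS = {"rss subscriptions", "rss feeds", "conversation history", "junk email", "archive"}


def _addresses(value):
    """Normalise a ForwardTo/RedirectTo value (string or list) into lowercase addresses."""
    if not value:
        return []
    items = value if isinstance(value, list) else [value]
    return [re.sub(r".*<|>.*", "", str(v)).strip().lower() for v in items]


def score_rule(params, org_domains=ORG_DOMAINS):
    """Return (score, reasons) for one inbox rule's parameters (weights are assumptions)."""
    score, reasons = 0, []
    external = [a for key in ("ForwardTo", "ForwardAsAttachmentTo", "RedirectTo")
                for a in _addresses(params.get(key))
                if a.split("@")[-1] not in org_domains]
    if external:
        score += 3
        reasons.append(f"forwards to external address {', '.join(external)}")
    if params.get("DeleteMessage"):
        score += 2
        reasons.append("deletes matching mail")
    folder = str(params.get("MoveToFolder", "")).lower()
    if folder in HIDING_FOLDERS:
        score += 2
        reasons.append(f"moves matching mail to a rarely read folder ({folder})")
    words = {w.lower() for key in ("SubjectContainsWords", "BodyContainsWords")
             for w in params.get(key, [])}
    hits = sorted(words & SENSITIVE_WORDS)
    if hits:
        score += 1
        reasons.append(f"filters on finance/credential keywords {hits}")
    name = str(params.get("Name", "")).strip()
    if len(name) <= 2:
        score += 1
        reasons.append(f"obfuscated rule name {name!r}")
    if params.get("MarkAsRead"):
        score += 1
        reasons.append("marks mail as read to avoid notice")
    return score, reasons


def suspicious_inbox_rules(events, threshold=3):
    """Return rule-creation/modification events whose score reaches the threshold."""
    flagged = []
    for ev in events:
        if ev.get("operation") not in ("New-InboxRule", "Set-InboxRule"):
            continue
        score, reasons = score_rule(ev.get("parameters", {}))
        if score >= threshold:
            flagged.append({"user": ev["user"], "rule": ev["parameters"].get("Name"),
                            "score": score, "reasons": reasons})
    return sorted(flagged, key=lambda f: -f["score"])


# Constructed audit events.
EVENTS = [
    {"user": "cfo@example.com", "operation": "New-InboxRule", "parameters": {
        "Name": ".", "ForwardTo": "Archive <mailbox@collector.test>", "DeleteMessage": True,
        "SubjectContainsWords": ["invoice", "payment", "wire"]}},
    {"user": "bob@example.com", "operation": "New-InboxRule", "parameters": {
        "Name": "Newsletters", "MoveToFolder": "Newsletters",
        "FromAddressContainsWords": ["news"]}},
    {"user": "ap@example.com", "operation": "Set-InboxRule", "parameters": {
        "Name": "cleanup", "MoveToFolder": "RSS Subscriptions", "MarkAsRead": True,
        "SubjectContainsWords": ["password", "verification"]}},
    {"user": "bob@example.com", "operation": "Remove-InboxRule", "parameters": {"Name": "Old"}},
]


def triage_sample():
    return suspicious_inbox_rules(EVENTS)


if __name__ == "__main__":
    for f in triage_sample():
        print(f"{f['user']} rule {f['rule']!r} score {f['score']}: " + "; ".join(f["reasons"]))
```

The CFO rule (forward out, delete, finance keywords, one-character name) scores highest; the accounts-payable “cleanup” rule that parks password and verification mail in RSS Subscriptions is the quieter variant and still clears the threshold. Blocking automatic external forwarding at the tenant level removes the highest-weight pattern outright, which is why it appears in the list above.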
Layer 3: SaaS governance (OAuth is the new phishing surface)
Lock down OAuth consent
require admin approval for third-party apps
require publisher verification for third-party apps
review high-risk scopes
continuously inventory and remove unused consents
Microsoft’s guidance on OAuth consent phishing is a strong starting point.
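As an added example of the inventory step (not ESKA’s or Microsoft’s code), the block below reviews a constructed list of consent grants and decides per app whether to remove it as unused, revoke and investigate, review, or keep. Scope names are Microsoft Graph delegated permission names used for illustration; the grant records, the 90-day idle window and the score thresholds are assumptions to tune for your tenant.

```python
"""Risk review of OAuth application consent grants.

Added example, not ESKA's or Microsoft's code. The grant records are
constructed; scope names are Microsoft Graph delegated permission names used
for illustration, and the thresholds are assumptions to tune for your tenant.
"""
from datetime import date, timedelta

# Scopes that let an app read/send mail or persist access beyond a password reset.
HIGH_RISK_SCOPES = {
    "Mail.ReadWrite", "Mail.Send", "MailboxSettings.ReadWrite", "Files.ReadWrite.All",
    "Directory.ReadWrite.All", "User.ReadWrite.All", "offline_access",
}
UNUSED_AFTER_DAYS = 90  # assumed idle window


def score_grant(grant):
    """Return (score, reasons) for one consent grant; weights are assumptions."""
    score, reasons = 0, []
    if not grant["publisher_verified"]:
        score += 2
        reasons.append("publisher not verified")
    risky = sorted(set(grant["scopes"]) & HIGH_RISK_SCOPES)
    score += 2 * len(risky)
    if risky:
        reasons.append(f"high-risk scopes {risky}")
    if "offline_access" in risky:
        reasons.append("refresh tokens: access survives a password reset until revoked")
    if grant["consent_type"] == "user":
        score += 1
        reasons.append("granted by end-user consent, not admin review")
    return score, reasons


def review_grants(grants, today):
    """Decide an action per grant: remove-unused, revoke-and-investigate, review, or keep."""
    decisions = []
    for g in grants:
        idle_days = (today - g["last_used"]).days
        score, reasons = score_grant(g)
        if idle_days > UNUSED_AFTER_DAYS:
            action = "remove-unused"
            reasons.append(f"not used for {idle_days} days")
        elif score >= 4:
            action = "revoke-and-investigate"
        elif score >= 2:
            action = "review"
        else:
            action = "keep"
        decisions.append({"app": g["app"], "action": action, "score": score, "reasons": reasons})
    return decisions


# Constructed grant inventory.
TODAY = date(2026, 2, 2)
GRANTS = [
    {"app": "Invoice Viewer Pro", "publisher_verified": False, "consent_type": "user",
     "scopes": ["User.Read", "Mail.ReadWrite", "offline_access"],
     "last_used": TODAY - timedelta(days=2)},
    {"app": "Corporate CRM", "publisher_verified": True, "consent_type": "admin",
     "scopes": ["User.Read", "Calendars.Read"], "last_used": TODAY - timedelta(days=1)},
    {"app": "Old Survey Tool", "publisher_verified": True, "consent_type": "user",
     "scopes": ["User.Read"], "last_used": TODAY - timedelta(days=200)},
    {"app": "Signature Helper", "publisher_verified": True, "consent_type": "user",
     "scopes": ["User.Read", "Mail.Send"], "last_used": TODAY - timedelta(days=10)},
]


def review_sample():
    return {d["app"]: d["action"] for d in review_grants(GRANTS, TODAY)}


if __name__ == "__main__":
    for d in review_grants(GRANTS, TODAY):
        print(f"{d['app']}: {d['action']} (score {d['score']}) - " + "; ".join(d["reasons"]))
```

The unverified mail-reading app with `offline_access` is the one to revoke first, because its refresh token is exactly the persistence that outlives a password reset. The verified but user-consented `Mail.Send` app lands in review, which is the case an admin-approval requirement would have caught before consent was given.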
Layer 4: Payment and vendor controls (stop BEC where it pays off)
AI phishing is often a means to a simple end: money.
Implement process controls that don’t depend on “spotting the scam”:
vendor bank detail changes require out-of-band verification (call-back to a known number, not the email signature)
two-person approval for payments and payout changes
mandatory waiting period for first-time payees
separate approval channels (finance system approvals, not email approvals)
These controls dramatically reduce BEC loss potential even when an inbox is compromised.
Layer 5: Human Risk Management
Retire “red flag” training as the core strategy. Replace it with:
short, role-based scenarios (finance, HR, IT, exec assistants)
drills for OAuth consent prompts, file-sharing lures, QR phishing, voice urgency
a simple muscle memory: pause → verify → report
one-click reporting in email and chat tools
measuring reporting rate, not just “click rate”
Remember: Verizon’s DBIR continues to show the human element is a major factor in breaches.
Take action: Test your team. Reduce human risk. Strengthen resilience.
AI phishing is fast, persuasive, and multi-channel. The most effective way to protect your business is to measure real behavior and build repeatable habits—not rely on assumptions.
ESKA Security helps you do both:
Phishing Attack Simulation. We run realistic, controlled phishing scenarios (email and beyond), measure response rates, identify high-risk patterns, and provide a practical remediation plan.
Cybersecurity Awareness Training. Short, role-based training that upgrades decision-making under pressure - focused on modern threats like AiTM, OAuth consent phishing, and vendor impersonation.
Want to know where you stand today? Start with a phishing simulation, then turn results into a focused awareness program that actually changes behavior.
FAQ
Is AI phishing “new,” or just better phishing? It’s phishing with reduced attacker cost and higher realism—plus modern identity techniques (AiTM token theft, OAuth consent abuse) that don’t rely on “stealing a password.”
Does MFA still help in 2026? Yes, but not all MFA is equal. OTP and push-based MFA can be bypassed by AiTM and fatigue attacks. Phishing-resistant methods (WebAuthn/passkeys) provide stronger protection.
What is the single best control against modern phishing? Phishing-resistant authentication (passkeys/WebAuthn) plus conditional access, because it reduces the value of stolen credentials and makes token replay harder.
Why do BEC scams keep succeeding? They exploit business workflows. Process controls (out-of-band verification, dual approvals) stop fraud even if a mailbox is compromised. FBI IC3 reporting continues to show large-scale financial losses from internet-enabled crime.