AI-powered campaigns bypass traditional defenses as threat actors flood inboxes with polymorphic phishing, spoofed brands, and new malware families

Cofense, the leading provider of intelligence-driven phishing defense solutions, released a new threat intelligence report: The Rise of AI – A New Era of Phishing Threats, which exposes how artificial intelligence (AI) is transforming the phishing threat landscape at a pace many security teams are struggling to match, exposing gaps in traditional perimeter defenses and reinforcing the need for post-perimeter visibility and rapid response.

In 2024, the Cofense Phishing Defense Center (PDC) tracked one malicious email every 42 seconds. Many of these were part of polymorphic phishing attacks that mutate in real time to bypass traditional filters—creating an unprecedented challenge for defenders.

Cofense analysts observed a striking evolution in attacker tactics. AI gave threat actors the power to automate malware development, scale attacks across industries, and personalize phishing messages with surgical precision. These evolving threats are increasingly able to bypass traditional email filters, highlighting the failure of perimeter-only defenses and the need for post-delivery detection. AI also enabled threat actors to outmaneuver traditional defenses through polymorphic phishing campaigns that shift content on the fly. The result: deceptive messages that are increasingly difficult to detect and even harder to stop.

Many of the malicious emails tracked at that 42-second rate were part of polymorphic phishing attacks, which continuously modify email subject lines, sender names, and body content to avoid signature-based detection. These shape-shifting tactics now require a defense strategy that combines expert-supervised AI with real-time behavioral context, giving analysts the precision needed to stop threats that evade traditional filters.

Nowhere is this convergence more apparent than in the rise of business email compromise (BEC). Threat actors are now using AI to craft highly convincing emails that impersonate C-suite executives, often mimicking real forwarded threads and referencing payment approvals. These messages are sent from lookalike domains such as “@consultant.com,” and because they’re written by AI, they contain fewer of the typos, formatting inconsistencies, or odd phrasing that would normally raise suspicion.

The report outlines five key trends shaping the AI-powered phishing landscape:

  • A surge in new malware families: Over 40% of malware detected in 2024 was newly observed, with nearly half classified as Remote Access Trojans (RATs). These versatile threats enable persistent access and signal a shift toward more complex, multipurpose attacks.
  • Flawless generative phishing: Threat actors are using AI to craft highly personalized phishing emails that mimic internal communications with near-perfect grammar and tone. These emails are detected and clustered by Cofense’s expert-supervised AI and real-time user intelligence.
  • BEC attacks explode: Email-based scams surged 70% year-over-year, driven by AI’s ability to automate lures, spoof internal conversations, and bypass spam filters with subtle text variations.
  • Polymorphic attacks evade filters: Campaigns now mutate in real time, changing subject lines, sender addresses, and message content to slip past filters, making post-delivery visibility and rapid remediation essential for defense.
  • Diversified deception: Threat actors broadened their tactics—tax scams up 340%, legitimate file abuse up 575%, and Microsoft spoofing spiking 156%, making campaigns harder to anticipate and block.

As threat actors continue to refine their use of AI, Cofense remains committed to helping organizations stay ahead through expert-supervised AI, human intelligence, and a global network of over 35 million trained users, augmenting existing email security with post-delivery detection and response that perimeter tools miss.

Source: businesswire