AI-Powered Phishing: Kaspersky Warns of Rising Cyber Threats Across META Region
Cairo – As artificial intelligence continues to redefine global industries, cybercriminals are not falling behind. Kaspersky, the global cybersecurity firm, has raised the alarm over the increasingly sophisticated use of AI in phishing attacks—warning that even seasoned professionals are being caught off guard by highly customized and convincing scams.
According to Kaspersky’s latest regional report covering the Middle East, Turkey, and Africa (META), cyberattacks on enterprises surged by nearly 48% over the past year. Among these, phishing emerged as the most widespread threat, with more than half (51%) of respondents admitting to encountering such attacks. Looking ahead, 53% of IT professionals surveyed anticipate a sharp escalation in AI-driven phishing attempts.
Phishing Gets Personal with AI
Gone are the days of generic mass phishing emails. Today, malicious actors are harnessing AI to craft hyper-targeted messages tailored to specific individuals. By scraping data from public social profiles, corporate websites, and professional platforms, attackers can mimic internal communication styles and fabricate emails that appear to originate from trusted sources.
Imagine a company’s CFO receiving an email that mirrors the tone and formatting of the CEO’s correspondence—complete with references to recent internal meetings or events. The result is an alarming level of credibility, making it increasingly difficult to discern real from rogue.
Deepfake Technology Raises the Stakes
AI-powered deepfake tools are taking phishing attacks to a new dimension. Kaspersky reports a rise in incidents where fraudsters create fake video or audio recordings that replicate the voice and appearance of high-ranking executives. In one high-profile case, a deepfake video call tricked an employee into transferring $25.6 million—highlighting the danger posed by increasingly realistic impersonations.
As deepfake tech advances, organizations face a growing challenge in authenticating communications, especially during remote interactions.
Outsmarting Traditional Defenses
Conventional email security systems are proving inadequate against AI-enhanced phishing. Sophisticated language models can now mimic legitimate email patterns and bypass spam filters. Meanwhile, machine learning algorithms allow attackers to test, adapt, and optimize their phishing campaigns in real time—making them more elusive and effective.
When Experience Isn’t Enough
Not even experienced cybersecurity professionals are immune. The psychological tactics embedded in AI-generated messages—urgency, fear, or false authority—can manipulate even the most vigilant employees. The hyper-realism of such content erodes the natural skepticism that often guards against threats.
The New Defense Playbook
To counter these emerging threats, Kaspersky emphasizes a layered, proactive defense strategy. Organizations must prioritize continuous cybersecurity awareness training that specifically addresses AI-generated threats. Kaspersky’s Automated Security Awareness Platform, for instance, is designed to equip employees with the skills to recognize suspicious patterns and deceptive language.
On the technical front, robust solutions like Kaspersky Next and Kaspersky Security for Mail Server can detect subtle anomalies in writing styles or metadata, flagging potential phishing attempts before they reach inboxes.
Finally, the Zero Trust security model is becoming a critical part of modern cyber defense. By minimizing user access and segmenting network resources, Zero Trust ensures that breaching one system doesn’t compromise the entire infrastructure.
As cybercriminals weaponize AI, it’s clear that only a combination of intelligent tools and well-informed humans can stay one step ahead.