AI-Driven Phishing Attacks Bypass Email Filters, Land in Inboxes


AI-generated phishing is rapidly reshaping email risk, with more attacks slipping past filters and landing directly in users’ inboxes, even though AI-generated emails remain a minority of total phishing.

The human element remains central: 68% of breaches involve people, and 80–95% of those begin with phishing, making social engineering the dominant breach vector.

Phishing volume has exploded since generative AI went mainstream, with reports attributing a more than 4,000% increase in phishing activity to tools like ChatGPT and similar large language models.

These models generate fluent, localized, context-aware emails at scale, stripping away the spelling mistakes and awkward phrasing users were trained to distrust.

At the same time, the economic incentive is huge: the average phishing-related breach now costs around 4.88 million dollars, representing the largest year‑over‑year jump in breach cost since the pandemic.  

The 2025 Phishing Trends Report provides the first reference point for the global incidence of real malicious clicks and the phishing attacks that bypass email filters.

Employees can be trained to recognize and report social engineering attacks with a 6x improvement in 6 months, and reduce the number of phishing incidents per organization by 86%.

Average phishing incidence (Source: Phishing Trends).

For attackers, AI lowers effort and expertise while keeping payoffs high, which is why business email compromise (BEC), credential harvesting, and multi-channel phishing (email, SMS, collaboration tools) are all rising.

AI-Driven Phishing Attacks

Hoxhunt’s 2025 Phishing Trends data shows that phish bypassing email filters has climbed sharply since 2022, with a nearly 50% rise in attacks that make it through to users, though growth slowed in 2024 as filters adapted.

The report found a $1.2 million difference in breach cost between breaches that were identified and contained within 200 days of initiation and those that took longer.

Speed and Skill (Source: Phishing Trends).

Detection engines still rely heavily on static indicators (domains, URLs, attachment types), while attackers increasingly abuse trusted infrastructure such as reputable file‑sharing platforms, redirect services, and HTTPS‑secured pages to look legitimate.

AI helps attackers subtly vary content and structure, creating polymorphic phishing waves in which each email is slightly different, reducing signature effectiveness and making reputation-based blocking harder.  

Yet, based on analysis of hundreds of thousands of real malicious phishing emails, fewer than 5% of phish that bypassed filters in 2024 were confidently identified as AI‑written, underscoring that traditional phishing kits and playbooks remain widely used for now.

Across industries, employees in a 1,000‑person organization can expect thousands of phishing emails per year to evade technical controls, resulting in hundreds of “malicious clicks” when only baseline awareness training is in place.

High-value roles in finance, HR, and IT are priority targets because they control money, access, and systems, and are frequently impersonated in BEC, payroll redirection, and invoice fraud schemes.

Trusted‑brand and service impersonation (Microsoft, document‑signing tools, postal and tax authorities) remains highly effective because users are conditioned to respond quickly to account, salary, or compliance prompts.

Industries like financial services show some of the highest reporting and lowest failure rates after intensive training, while sectors with many frontline workers, such as healthcare and retail, often lag due to limited screen time and higher operational pressure.  

Behavior also varies across countries and cultures, with some regions showing higher “miss” rates where people are less inclined to report suspicious emails, even when they notice something is off.

Before training, only 34% of users successfully report these phishing simulations, while an alarming 11% fail by opening the attachment or clicking a malicious link.

Malicious attachment training improvement (Source: Phishing Trends).

Data from large-scale phishing simulations and real‑world reporting confirm that behavior-focused, adaptive training can dramatically cut click rates, even against sophisticated or AI‑generated lures.  

Programs that move beyond quarterly checkbox training to frequent, tailored simulations show reporting rates rising from single digits or ~20% up to 60% or more within a year, while failure rates (clicks) drop to around 3% or lower, even as scenarios get harder.

This change is not just theoretical: organizations with high engagement and rapid reporting see dwell time (the lag between delivery and user report) shrink, allowing security teams to remove active campaigns from inboxes in minutes instead of days.

When combined with modern email security controls, this human “sensor network” becomes a critical detection layer for the very campaigns that AI helps slip past filters.

What defenders should do now

Human threat intelligence (what users actually report) makes it possible to estimate how many phish reach the real email environment.

Top 5 phishy industries (Source: Phishing Trends).

To counter AI‑generated phishing that bypasses email filters, organizations should:

  • Treat the inbox as an extension of the detection surface, instrumenting easy in‑client reporting and tight SOC workflows.
  • Deploy adaptive, role‑aware phishing simulations that reflect real attacker themes (BEC, QR codes, collaboration tools, cloud login pages, deepfake‑style executive requests).
  • Continuously tune email defenses for AI‑driven and multi‑channel campaigns, focusing on behavioral indicators, abuse of trusted services, and anomalous communication patterns.
  • Track metrics such as reporting rate, failure rate, and dwell time as primary human‑risk KPIs, not just compliance completion.
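The human-risk KPIs in the last bullet, and the dwell-time definition used earlier in the article, as an added example that is not code from the report or the article: it computes reporting rate, failure rate and dwell time per campaign from constructed simulation events and lists which KPIs miss the bar the article quotes (60% reporting, about 3% failures). The 60-minute first-report threshold and all sample events are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from statistics import median
from typing import Optional

@dataclass
class Delivery:  # one phish (simulated or real) that reached one inbox
    campaign: str
    user: str
    delivered: datetime
    reported: Optional[datetime] = None  # in-client "report phish" click
    failed: Optional[datetime] = None    # link click or attachment open
# Constructed sample: two waves with themes the article names (BEC, QR code).
T0 = datetime(2025, 3, 3, 9, 0)
def at(n): return T0 + timedelta(minutes=n)  # n minutes after T0
EVENTS = [
    Delivery("bec-payroll", "alice", T0, reported=at(4)),
    Delivery("bec-payroll", "bob", T0, failed=at(12)),
    Delivery("bec-payroll", "carol", T0, reported=at(30)),
    Delivery("bec-payroll", "dave", T0),  # ignored it: no click, no report
    Delivery("bec-payroll", "erin", T0, failed=at(7), reported=at(9)),  # clicked, then reported
    Delivery("qr-mfa", "alice", at(1440), failed=at(1560)),
    Delivery("qr-mfa", "bob", at(1440)),
]

def campaign_kpis(events, campaign):
    """Reporting rate, failure rate and dwell time (delivery -> user report, the
    article's definition) for one campaign; click-then-report counts as both."""
    rows = [e for e in events if e.campaign == campaign]
    if not rows:
        raise ValueError(f"no deliveries for campaign {campaign!r}")
    dwell = [(e.reported - e.delivered).total_seconds() / 60 for e in rows if e.reported]
    return {
        "delivered": len(rows),
        "reporting_rate": len(dwell) / len(rows),
        "failure_rate": sum(1 for e in rows if e.failed) / len(rows),
        "median_dwell_min": median(dwell) if dwell else None,
        "first_report_min": min(dwell) if dwell else None,  # earliest moment the SOC could act
    }

def kpi_misses(kpis, reporting=0.60, failure=0.03, first_report_min=60):
    """Names of KPIs below the mature-program bar the article quotes (>=60%
    reporting, ~3% failures); the 60-minute first-report bound is an assumption."""
    first = kpis["first_report_min"]
    checks = {
        "reporting_rate": kpis["reporting_rate"] < reporting,
        "failure_rate": kpis["failure_rate"] > failure,
        "first_report_min": first is None or first > first_report_min,
    }
    return [name for name, missed in checks.items() if missed]
```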

AI has already tilted the scales in favor of phishers, but the same technology combined with behavior-based training and high-velocity reporting can be used to systematically cut the number of real incidents that begin with a single, costly click.
