The Rise of AI-Generated Phishing: Inside the Tactics, Risks, and Countermeasures for ChatGPT and BERT-Enabled Email Attacks

As technology advances, so do the tactics of cybercriminals. A recent development is the use of artificial intelligence (AI) in phishing attacks, which are designed to trick people into releasing sensitive information or downloading malware. Researchers have uncovered a new phishing email campaign that employs AI-powered language models, specifically ChatGPT and Google BERT, to create sophisticated email attacks.

The Rise of AI-Based Phishing Attacks

Threat actors have increasingly been relying on AI since November 2022. AI-based phishing is particularly worrisome because malicious actors can use machine learning models to create convincing scams that can be difficult to identify. They can imitate the writing styles of real people, leading targets to believe that they are receiving legitimate emails.

New phishing email campaign using ChatGPT and Google BARD

The new phishing campaign that researchers discovered is an example of an AI-based phishing attack that uses language models to generate convincing emails. ChatGPT and Google Bard are popular AI language models for text generation. These language models are fed with prior text inputs and use them to predict and generate new content based on the provided prompts.

AI-based security platforms like Trustify

As AI-based phishing attacks become more prevalent, organizations need to remain vigilant and take proactive steps to protect themselves. AI-based email security platforms such as Trustif are essential in fighting against such attacks. Trustif integrates AI, natural language processing (NLP), and machine learning technologies to identify and block malicious emails from entering an organization’s network.

The significance of phishing emails as a threat to organizations

Phishing attacks are an ongoing issue for organizations of all sizes as they often serve as an entry point for more serious security breaches. According to the FBI, phishing scams accumulated costs of over $4.2 billion between 2013 and 2020. Notably, phishing emails are often the initial point of attack before a more serious data breach occurs.

Case Study: Impersonation of Facebook in a Phishing Email

In one of the phishing emails discovered by researchers, the threat actor impersonated Facebook to gain access to a target’s login credentials. The email appeared to be legitimate, using the same logos, font, and layout as Facebook’s official email communications. Upon analysis, however, the researchers discovered that the email consisted of AI-generated text.

The discovery of AI-generated text in phishing emails raises safety concerns

The AI-generated text in phishing emails complicates security efforts as it can be challenging to discern between AI-generated and human-written emails. The use of chatbots or robotic voices for impersonation further complicates matters since AI-powered voices sound increasingly human-like.

The use of platforms like ChatGPT in generating convincing phishing emails and malware is concerning

Malicious actors can use language models like ChatGPT and Google Bard to generate convincing phishing emails that are difficult to distinguish from legitimate emails. AI-generated text can also be used for other kinds of cyberattacks, such as creating dangerous malware designed to infiltrate an organization’s network.

The emergence of vendor fraud through false invoices

Vendor fraud is another kind of cybercrime that has emerged, involving the creation of fraudulent invoices. Malicious actors use these invoices to trick companies into transferring funds or paying for fake products or services.

As sound technology continues to advance, cybercrime is also evolving and becoming much more sophisticated. As demonstrated by the new phishing email campaign that researchers uncovered, AI-based phishing attacks pose a significant threat to organizations. It’s crucial that organizations remain vigilant and take proactive measures to protect themselves. By investing in AI and machine learning-based security solutions, they can stay one step ahead of malicious actors and protect their sensitive data from harm.

Explore more

Can a Unified ERP System Future-Proof Levi Strauss?

Establishing a seamless digital environment for a brand that spans over a hundred nations is a monumental undertaking that requires more than just standard software updates. Currently, Levi Strauss & Co. is navigating a profound transformation of its digital infrastructure, aiming for a mid-2027 completion of a fully integrated global enterprise resource planning system. This strategic overhaul is not merely

Ethereum Faces $10 Billion Liquidation Risk Near $2,000

The current trajectory of Ethereum suggests a massive collision between aggressive retail speculation and sophisticated institutional sell-side pressure as the asset hovers near the $2,000 psychological threshold. This specific price point has historically served as a pivot for broader market sentiment, influencing the behavior of various decentralized finance protocols and secondary layer-two scaling solutions. Currently, the market exhibits a state

ClickLock Malware Coerces macOS Users to Surrender Passwords

Traditional macOS security architectures have long been celebrated for their robust sandboxing and gated execution, yet a new strain of malware is proving that the human element remains the most vulnerable entry point in any digital ecosystem. This threat, known as ClickLock, has emerged as a particularly aggressive evolution in the macOS threat landscape by prioritizing psychological pressure and social

Stalled Windows 11 Migration Poses Growing Security Risks

The global landscape of enterprise computing is currently grappling with a persistent digital divide as a significant segment of users continues to rely on Windows 10 despite the availability of more secure alternatives. The current ecosystem of digital infrastructure remains tethered to legacy architecture, with recent telemetry indicating that approximately one in six workstations worldwide continues to operate on Windows

How Is OpenAI Redefining AI With Precision Engineering?

The shift from experimental conversationalists to precise engineering tools has fundamentally altered the landscape of digital productivity and high-performance computing in 2026. This transition is marked by a move away from the early excitement surrounding generative models toward a rigorous framework centered on deep optimization and granular control. OpenAI has spearheaded this movement with the introduction of the GPT-5.6 Sol