
AI-Powered Phishing in 2026: How to Spot and Avoid Deepfake Scams

AI has made phishing nearly undetectable. Learn how deepfake voice calls, LLM-crafted emails, and real-time video fraud work — and how to protect yourself.


Phishing in 2026 is unrecognisable compared to the badly-spelled “Nigerian prince” emails of the 2000s. Artificial intelligence has given attackers the ability to craft personalised, grammatically perfect, contextually accurate social engineering attacks at scale — and to impersonate real people with their voice and face in real time.

This is the threat brief you need to share with everyone in your organisation, and with your family.

What Has Changed: AI Transforms Social Engineering

Traditional phishing had tells you could spot: poor grammar, generic greetings, mismatched URLs, suspicious attachments. AI has systematically eliminated every one of these indicators.

What LLMs give attackers:

  • Perfect grammar and tone in any language, instantly
  • Personalised content generated from LinkedIn, company websites, and social media
  • Plausible business context (“I’m following up on the Q1 proposal we discussed”)
  • Instant adaptation — if one approach doesn’t work, generate 20 variants
  • Scale — personalised emails that previously took hours to craft now take seconds

What voice cloning gives attackers:

  • A convincing replica of anyone’s voice from 30 seconds of public audio (YouTube, podcast appearances, earnings calls)
  • Real-time voice synthesis for live phone calls
  • Realistic audio that passes scrutiny from people who know the target’s voice

What video deepfakes give attackers:

  • Real-time face synthesis for video calls
  • “Proof” that a caller is who they claim to be — the most trusted verification method, now compromised

The Anatomy of a 2026 AI Phishing Attack

Phase 1: Target Research (Automated, 5 minutes)

An attacker enters a company name. Automated OSINT tools scrape:

  • LinkedIn profiles of all employees (names, titles, email patterns, recent activity)
  • Company press releases and announcements
  • Social media posts from employees
  • Domain WHOIS and email infrastructure
  • Any data from previous breach databases

The result is a detailed profile of the organisation and its people, created in minutes without any human involvement.

Phase 2: Spear Phishing Email (AI-Generated, 30 seconds per target)

Armed with this data, the LLM generates personalised emails for each target. For a finance director:

“Hi Sarah, I’m reaching out about the Meridian acquisition we discussed with Marcus last Tuesday. The deal team needs the initial wire transfer processed by EOD to secure the exclusivity window. I’m cc’ing legal on this thread. Can you action the attached instructions? [Malicious attachment] Best, David Chen, CFO”

This email references real colleagues, a plausible business scenario, and creates urgency. The sender address is david.chen@hackingpc-corp.com — a lookalike domain registered three weeks ago.

Every word of it was generated by an AI in under a minute.

Phase 3: Voice Deepfake Callback

When the finance director calls back to verify (good instinct, wrong number), they reach an attacker using real-time voice cloning of the CFO. The conversation is plausible. The “CFO” confirms the wire transfer details. The payment is made.

This exact scenario has cost organisations millions. It’s not theoretical.

Phase 4: Video Verification Bypass

For the most suspicious targets, attackers can now deploy real-time video deepfakes. Using a laptop webcam and consumer-grade software, an attacker’s face is replaced in real time with the face of the impersonated executive.

On a standard-definition video call — Teams, Zoom, Google Meet — the deepfake is convincing enough. Subtle artifacts exist, but most people aren’t looking for them.

How to Spot AI Phishing

Email Red Flags

Check the actual domain, not the display name. An email can display “David Chen <david.chen@acmecorp.com>” but actually be sent from david.chen@acmecorp-secure.com. Always check the full sender address.

Display name:  David Chen <david.chen@acmecorp.com>
Actual sender: david.chen@acm3corp.com  ← lookalike domain (digit swap here; Punycode look-alikes are another form)

Analyse the headers. In Gmail: click the three dots → “Show original”. In Outlook: File → Properties. Look for:

  • Does the Return-Path match the From address?
  • Did the email pass DMARC authentication?
  • Is the sending IP consistent with the claimed domain?
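The three header checks above, as an added Python example (not code from the original article) run over a constructed message. The domains, the `mx.example.net` receiver name and the function names are assumptions for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not a real message). Only trust Authentication-Results
# headers stamped by your own receiving server; anything else can be forged.
SAMPLE = """\
Return-Path: <bounce@acm3corp.com>
Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=acm3corp.com;
 dmarc=fail header.from=acmecorp.com
From: David Chen <david.chen@acmecorp.com>
To: sarah@acmecorp.com
Subject: Wire transfer by EOD

Can you action the attached instructions?
"""

def domain_of(value):
    """Lower-cased domain of the address in a header value, '' if none."""
    return parseaddr(value or "")[1].rpartition("@")[2].lower()

def auth_result(auth, method):
    """Verdict for one method (spf, dkim, dmarc), 'missing' if absent."""
    m = re.search(rf"\b{method}=(\w+)", auth, re.I)
    return m.group(1).lower() if m else "missing"

def header_findings(raw):
    msg = message_from_string(raw)
    from_dom = domain_of(msg["From"])
    auth = " ".join(msg.get_all("Authentication-Results") or [])
    findings = []
    # 1. Return-Path (envelope sender) versus the visible From address.
    rp_dom = domain_of(msg["Return-Path"])
    if rp_dom != from_dom:
        findings.append(f"return-path {rp_dom or 'missing'} != from {from_dom}")
    # 2. DMARC verdict recorded by the receiving server.
    dmarc = auth_result(auth, "dmarc")
    if dmarc != "pass":
        findings.append(f"dmarc={dmarc}")
    # 3. SPF ties the sending IP to the envelope domain, not to From:
    #    a pass for a different domain proves nothing about the From address.
    mailfrom = re.search(r"smtp\.mailfrom=([^\s;]+)", auth, re.I)
    spf_dom = mailfrom.group(1).rpartition("@")[2].lower() if mailfrom else ""
    if auth_result(auth, "spf") != "pass" or spf_dom != from_dom:
        findings.append(f"spf not aligned with from (mailfrom={spf_dom or 'missing'})")
    return findings
```

Exact-match comparison is stricter than DMARC's relaxed alignment, and a differing Return-Path is normal for mail sent through third-party providers. Treat the first finding as a prompt to look at the DMARC verdict, not as proof on its own.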

The AI tell: too perfect. Legitimate rushed emails from real people have typos, informal phrasing, incomplete thoughts. An AI-generated email is suspiciously polished for the context. This isn’t definitive, but it’s worth noting.

Urgency + unusual request = red flag. This combination is the hallmark of social engineering whether AI-assisted or not. Any request that combines “urgent” with “unusual” should trigger out-of-band verification.

Voice Call Red Flags

Deepfaked voices have subtle tells:

  • Slight robotic quality on certain phonemes (particularly sibilants: s, sh, ch)
  • Breathing sounds are absent or synthetic
  • Emotional range is flatter than natural speech
  • The voice doesn’t adapt naturally to unexpected questions — there’s a slight delay as the synthesis catches up

More importantly: verify through a separate channel. If someone calls claiming to be your CEO and asks for something unusual — hang up and call back on the number you have on record for that person. Not the number they gave you. Not redial.

Establish code words for financial requests. Some organisations use a verbal passphrase for sensitive operations. “Before I action this, can you give me this month’s confirmation word?” An attacker won’t know it.

Video Call Red Flags

Look for:

  • Lighting inconsistencies — the face and background lighting don’t match
  • Blurring or artifacting around the hairline, ears, and neck
  • Glasses that behave unnaturally (reflections don’t move correctly)
  • Unnatural blinking patterns
  • The person won’t do unusual movements on request (“Can you turn sideways for a second?”)
  • Lip sync is slightly off from audio

Challenge actions: Ask them to hold up a specific number of fingers. Put an unusual object in frame. Write a random word on paper and show it. These break simple deepfake pipelines that can’t adapt in real time.

Protective Measures

For Individuals

Enable email authentication warnings. Gmail and Outlook both show warnings for emails that fail DMARC/SPF. Pay attention to them.

Use a separate verification channel for anything financial. Money requests get verified by calling a known number. Always.

Check haveibeenpwned.com. Knowing your email addresses are in breach databases explains why you receive personalised phishing.

Use email aliases. Services like SimpleLogin or Apple Hide My Email give you unique addresses per service. If one is compromised, you know the source.

For Organisations

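DMARC enforcement. Set your domain’s DMARC policy to p=reject. This tells receiving mail servers to reject messages that claim to come from your domain but fail authentication, which stops direct spoofing of your domain (lookalike domains need separate monitoring). Check your record: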

dig TXT _dmarc.yourdomain.com

It should contain p=reject, not p=none.
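An added example (not from the original article) that audits the TXT value returned by the dig query above; the records are constructed samples and the function names are assumptions. It goes slightly beyond the p= check to cover the sp= and pct= tags from RFC 7489, which can weaken an otherwise strict policy.

```python
def parse_dmarc(txt):
    """Split a DMARC TXT value into a {tag: value} dict (tag=value; pairs)."""
    tags = {}
    for part in txt.strip().strip('"').split(";"):
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    return tags

def dmarc_issues(txt):
    """Return the reasons a record falls short of full enforcement."""
    tags = parse_dmarc(txt)
    if tags.get("v") != "DMARC1":
        return ["not a DMARC record"]
    issues = []
    policy = tags.get("p", "missing").lower()
    if policy != "reject":
        issues.append(f"p={policy}: failing mail is not rejected")
    # sp= overrides p= for subdomains; absent means subdomains inherit p=.
    sub = tags.get("sp", policy).lower()
    if "sp" in tags and sub != "reject":
        issues.append(f"sp={sub}: subdomains can still be spoofed")
    # pct= applies the policy to only a percentage of failing mail.
    pct = tags.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        issues.append(f"pct={pct}: policy applied to only part of failing mail")
    return issues

# Constructed sample records.
RECORDS = {
    "enforced": "v=DMARC1; p=reject; rua=mailto:dmarc@yourdomain.com",
    "monitor-only": "v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com",
    "leaky": '"v=DMARC1; p=reject; sp=none; pct=50"',
}

if __name__ == "__main__":
    for name, record in RECORDS.items():
        print(name, dmarc_issues(record) or "OK")
```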

Email gateway with AI-based phishing detection. Products like Proofpoint, Mimecast, and Microsoft Defender for Office 365 use behavioural analysis to catch AI-generated phishing that signature-based filters miss.

Phishing simulation training. Run regular simulated phishing campaigns and train staff on failures. GoPhish is free and open-source. KnowBe4 is the enterprise standard. Quarterly is minimum; monthly is better.

Establish a financial transfer verification process:

  1. Any wire transfer over threshold X requires a callback to a number on record
  2. No callbacks on numbers provided by the requestor
  3. Two-person approval for large transfers
  4. 24-hour delay for new payees (unless override process followed)

Domain monitoring. Services like PhishFort and DomainTools monitor for lookalike domain registrations targeting your brand. Get alerted before attackers can use them.
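Both the sender-address check under Email Red Flags and the domain monitoring described here come down to comparing an observed domain with the ones you trust. The following is an added example (not from the original article, and not how PhishFort or DomainTools work internally) that classifies the lookalike patterns used in this article; the homoglyph table, the distance threshold and the function names are assumptions.

```python
# Digit-for-letter swaps often seen in lookalike domains (illustrative subset).
HOMOGLYPHS = str.maketrans("01357", "olest")

def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(domain, trusted):
    """Label a sender domain relative to one trusted domain such as acmecorp.com."""
    domain, trusted = domain.lower().rstrip("."), trusted.lower()
    if domain == trusted or domain.endswith("." + trusted):
        return "trusted"
    labels = domain.split(".")
    if any(part.startswith("xn--") for part in labels):
        return "punycode: decode and review manually"
    # Assumes a single-label TLD; use the Public Suffix List for co.uk etc.
    label = labels[-2] if len(labels) > 1 else labels[0]
    brand = trusted.split(".")[-2]
    if label == brand:
        return "lookalike: same name, different TLD"
    if label.translate(HOMOGLYPHS) == brand.translate(HOMOGLYPHS):
        return "lookalike: character substitution"
    if brand in label.split("-"):
        return "lookalike: brand plus affix"
    if edit_distance(label, brand) <= 1:
        return "lookalike: one-character typo"
    return "unrelated"

if __name__ == "__main__":
    # Constructed samples based on the domains used in this article.
    for d in ["acmecorp.com", "acm3corp.com", "acmecorp-secure.com", "acmecorp.co"]:
        print(d, "->", classify(d, "acmecorp.com"))
```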

The Deeper Problem: Trust Is Broken

AI deepfakes represent a fundamental attack on something we’ve relied on forever: recognising people we know. Your voice and face are no longer proof of identity.

This doesn’t mean paranoia — it means adapting. The response isn’t to distrust everyone, it’s to establish process-based verification for sensitive operations that doesn’t rely on recognising a voice or face.

The phone call from your bank asking to verify a transaction? Hang up and call the number on the back of your card.

The “CEO” requesting an urgent wire transfer? Verify via a known channel before actioning.

The video call asking for confidential information? Make sure your company has policies that require additional verification for sensitive requests regardless of who appears to be on screen.

The technology has changed. Our security behaviours need to catch up.

Tools for Detecting Deepfakes

| Tool | Type | What It Detects |
|---|---|---|
| Microsoft VALL-E Detection | API | AI-generated audio |
| Sensity AI | Platform | Deepfake video |
| Reality Defender | Enterprise | Audio + video deepfakes |
| Hive Moderation | API | AI-generated content |
| Intel FakeCatcher | Research | Real-time video deepfakes |

These tools aren’t perfect — deepfake generation and detection are in an arms race. But they add a layer to your verification process for high-stakes situations.

Conclusion

AI phishing isn’t a future threat — it’s the current threat. The attacks described in this article are happening now, at scale, against businesses and individuals worldwide.

The good news: the defences are well understood. DMARC, out-of-band verification, phishing training, and financial controls together eliminate the vast majority of risk. The bad news: most organisations haven’t implemented them yet.

Be the exception.
