0invader

AI-Driven Phishing: What Stops Working in 2026

April 2, 2026

The spelling mistakes are gone. The voice on the phone sounds exactly like your CFO. AI has quietly retired most of the phishing advice we have given for a decade — and it is time to update the defence.

For years, security awareness training leaned on tells: bad grammar, generic greetings, clumsy formatting, a sense of urgency that felt slightly off. Those heuristics worked because phishing was produced at scale by people writing in a second language under time pressure. In 2026, that assumption is dead. Generative AI writes fluent, contextual, personalised messages at no marginal cost — and the old advice now does more harm than good by giving people false confidence.

What's changed

Three shifts matter most. First, language is no longer a tell. AI-generated phishing reads naturally in any language, mirrors your corporate tone, and references real projects scraped from public sources. Second, personalisation has scaled. What used to be expensive, hand-crafted spear-phishing aimed at executives is now automated and aimed at everyone. Third, voice and video cloning have arrived in the mainstream. A short sample of someone speaking is enough to synthesise a convincing voice; we have investigated mandate-fraud cases where staff acted on a phone call they were certain came from a director.

Why old detection fails

  • "Look for spelling errors" — there aren't any anymore.
  • "Verify the sender name" — display names and even lookalike domains are trivially spoofed and AI-selected for plausibility.
  • "Trust a familiar voice" — a familiar voice is now a forgeable credential.

The defensive question has flipped. It is no longer "does this message look suspicious?" It is "have I verified this request through a channel the attacker doesn't control?"

What actually works in 2026

The defence shifts from detection to verification and friction. Train people to verify high-stakes requests — payments, credential changes, mandate updates — through a second, out-of-band channel, every time, no exceptions. Build process controls that make a single deceptive message insufficient: dual authorisation for payments, callbacks to known numbers rather than numbers provided in the message, and a culture where pausing to verify is rewarded, not seen as obstructive.
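The process controls above (out-of-band callback to a directory number, dual authorisation, separation of duties) can be encoded so that one convincing message is never sufficient on its own. The following is an added illustration written for this page, not code from 0invader or any client; the directory entries, names and request values are constructed.

```python
"""Hold a high-stakes request until it has been verified through a channel the
attacker does not control and approved by two different people.  The callback
number must come from the internal directory, never from the message itself.
All directory entries, names and amounts below are constructed for the example."""

from dataclasses import dataclass, field
from typing import List, Optional

# Constructed internal directory: the ONLY source of callback numbers.
DIRECTORY = {
    "cfo@corp.example": "+34 900 000 001",
    "ap-lead@corp.example": "+34 900 000 002",
}


@dataclass
class Request:
    requester: str                       # claimed sender of the message
    amount: float
    new_iban: str
    verified_by: Optional[str] = None    # staff member who made the callback
    verified_via: Optional[str] = None   # number actually dialled
    approvals: List[str] = field(default_factory=list)


def record_callback(req: Request, staff: str, dialled: str) -> bool:
    """Accept the out-of-band check only if the number dialled is the directory
    entry for the claimed requester.  A number supplied inside the message, or a
    requester with no directory entry, cannot satisfy verification."""
    expected = DIRECTORY.get(req.requester)
    if expected is None or dialled != expected:
        return False
    req.verified_by = staff
    req.verified_via = dialled
    return True


def approve(req: Request, approver: str) -> bool:
    """Dual authorisation: the claimed requester may not approve, and the same
    person may not approve twice."""
    if approver == req.requester or approver in req.approvals:
        return False
    req.approvals.append(approver)
    return True


def blockers(req: Request) -> List[str]:
    """Return every reason the request must still be held; empty means go."""
    reasons = []
    if req.verified_via is None:
        reasons.append("no out-of-band verification on record")
    elif req.verified_via not in DIRECTORY.values():
        reasons.append("verification used a number not in the directory")
    if len(set(req.approvals)) < 2:
        reasons.append("dual authorisation incomplete")
    return reasons


def can_execute(req: Request) -> bool:
    return not blockers(req)


if __name__ == "__main__":
    # Constructed mandate-change request claiming to come from the CFO.
    r = Request("cfo@corp.example", 48000.0, "ES00-CONSTRUCTED-IBAN")
    # The message helpfully offers a number to call; it is not in the directory.
    print(record_callback(r, "alice", "+34 600 123 456"), blockers(r))
    # Alice instead dials the directory number for the CFO.
    print(record_callback(r, "alice", DIRECTORY["cfo@corp.example"]), blockers(r))
    print(approve(r, "alice"), approve(r, "bob"), can_execute(r))
```

The point of `blockers` returning reasons rather than a bare boolean is that the person pausing the payment can say exactly which control is unmet, which is what makes "pausing to verify" defensible rather than obstructive.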

On the technical side, phishing-resistant multi-factor authentication matters more than ever, because it defeats credential phishing even when the human is fooled. Email authentication, attachment sandboxing, and link rewriting remain worthwhile, but treat them as filters that reduce volume — not as the line that holds.
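Why phishing-resistant authentication holds even when the person is fooled comes down to origin binding: the authenticator signs over the origin the browser actually reports, so an assertion produced on a lookalike site is rejected by the real service. The following added example (not the article's own code) models that check; the HMAC key stands in for a credential's private key, which a real WebAuthn authenticator implements with an asymmetric key pair, and the origins and challenge are constructed.

```python
"""Minimal model of an origin-bound authentication assertion.  The authenticator
signs the client data (origin + server challenge); the server accepts only if
the signed origin is its own.  HMAC is a stand-in for the asymmetric signature a
real authenticator would produce.  Origins, challenge and key are constructed."""

import hashlib
import hmac
import json
import secrets
from typing import Tuple

RP_ORIGIN = "https://login.corp.example"   # constructed legitimate origin
CREDENTIAL_KEY = secrets.token_bytes(32)   # stand-in for the per-credential key


def authenticator_sign(origin: str, challenge: str) -> Tuple[bytes, bytes]:
    """Authenticator side: the browser supplies the origin it is actually on;
    the user cannot edit it, so a lookalike site is signed as that lookalike."""
    client_data = json.dumps(
        {"origin": origin, "challenge": challenge}, sort_keys=True
    ).encode()
    sig = hmac.new(CREDENTIAL_KEY, client_data, hashlib.sha256).digest()
    return client_data, sig


def server_verify(client_data: bytes, sig: bytes, expected_challenge: str) -> Tuple[bool, str]:
    """Relying-party side: check origin, then challenge, then the signature."""
    data = json.loads(client_data)
    if data.get("origin") != RP_ORIGIN:
        return False, "origin mismatch"
    if data.get("challenge") != expected_challenge:
        return False, "challenge mismatch"
    expected_sig = hmac.new(CREDENTIAL_KEY, client_data, hashlib.sha256).digest()
    if not hmac.compare_digest(expected_sig, sig):
        return False, "bad signature"
    return True, "ok"


if __name__ == "__main__":
    challenge = "constructed-challenge-001"
    # Genuine login on the real origin.
    cd, s = authenticator_sign(RP_ORIGIN, challenge)
    print(server_verify(cd, s, challenge))
    # Same user, same challenge, but the browser was on a constructed lookalike
    # origin: the assertion is bound to that origin and the real server refuses it.
    cd, s = authenticator_sign("https://login-corp.example", challenge)
    print(server_verify(cd, s, challenge))
```

Contrast this with a one-time code typed into a form: nothing in a six-digit code names the site it was entered on, so the same value works wherever it is forwarded. That is the property the article means by "defeats credential phishing even when the human is fooled".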

The uncomfortable summary: you can no longer train your way to spotting a perfect fake. You can, however, build verification habits and process controls that make a convincing fake harmless. Stop teaching people to detect; start teaching them to verify.
