AI phishing reaches new dimension of cybercrime

Cybercriminals are using artificial intelligence and manipulated QR codes for a new generation of phishing attacks. The scams are becoming so sophisticated that even security experts are warning: conventional security measures are hardly effective anymore.

Criminals send billions of fake messages every day – and the success rate is rising dramatically. 82.6 percent of all phishing emails now use AI-generated content that is virtually indistinguishable from genuine corporate communications.

The FBI and other agencies are sounding the alarm: The average cost of a successful phishing attack reaches €4.16 million. What makes these attacks so dangerous? They're no longer limited to emails.

Perfect deception through artificial intelligence

The days of poorly written spam emails with spelling mistakes are over. AI tools now create phishing messages that even experts can't recognize as fake at first glance.

Particularly perfidious: Criminals are using AI to create deceptively real voice clones. They imitate CEOs or family members to initiate fraudulent transfers. In May 2025, even US federal agencies fell victim to such AI voices.

The numbers are alarming—since the introduction of advanced AI tools, credential phishing attacks have exploded by 1,265 percent. Why is this possible? The technology is constantly learning and is becoming increasingly successful at circumventing security filters.

QR code fraud: The blind spot of cybersecurity

"Quishing" – phishing via QR codes – is becoming the new favorite method of cybercriminals. The codes end up in emails, text messages, or even on real posters. A single scan is all it takes, and users land on fake login pages.

The trick behind it? QR codes shift the attack from the protected corporate computer to the private smartphone – where security measures are often weaker. Security companies registered a 51 percent increase in such attacks by the end of 2023.

Managers are hit particularly hard: They are 42 times more likely to receive QR code attacks than regular employees. The reason is obvious – their access rights are particularly valuable to criminals.

Advertisement: QR codes often shift attacks to your personal Android smartphone. Many users overlook the five settings that protect against squishing, data theft, and malicious apps. A free guide explains step by step how to make WhatsApp, online banking, and PayPal more secure – without expensive add-on apps. Request your free Android security package now.

Attack on all channels

WhatsApp, Microsoft Teams, SMS – phishing attacks are no longer limited to emails. "Smishing" via SMS messages increased by 250 percent in 2025. The scam: fake package deliveries or alleged account problems create time pressure.

Collaboration tools like Slack are becoming the new vulnerability. Fake meeting invitations or messages supposedly from colleagues are trapping employees. Voice phishing is experiencing a comeback thanks to AI technology – incidents increased by over 400 percent between the beginning of 2024 and mid-2025.

What makes this multi-channel strategy so successful? It exploits users' trust in seemingly secure communication platforms.

Advertisement: Smishing via SMS, WhatsApp traps, fake logins: If you want to make your Android phone significantly more secure in just a few minutes, you'll find the 5 most important security measures in this free guide – with checklists and clear step-by-step instructions. This is how you protect your data on WhatsApp, PayPal, and online banking without additional apps. Get the free security guide for Android .

Crime as a service

"Phishing as a service" is turning cybercrime into a mass phenomenon. User-friendly AI platforms enable even non-technical users to launch sophisticated attacks. 60 percent of all security breaches are due to human error—and that's precisely what criminals are exploiting.

The audacity of the scammers knows no bounds: The FBI is warning about fake websites that mimic its own "Internet Crime Complaint Center." Victims who want to report cybercrime are thus drawn directly to the scammers.

Experts expect further escalation: Hyper-realistic deepfake videos and personalized phishing messages will soon be almost indistinguishable from genuine communications. Even two-factor authentication is becoming the next target of criminals.