How Attackers Are Using AI Right Now (And What Actually Works Against It)

3.4 billion phishing emails every single day. 91.8 million of them get clicked. That is not a typo. StationX reported in 2025 that daily phishing volume hits 3.4 billion messages, and that roughly 91.8 million of them are clicked every 24 hours.

AI did this. Not because AI is evil. Because AI is fast, cheap, and scales without complaint.

If you run a business, this is your problem right now. Not next quarter. Not after the next budget cycle. Right now. Let us walk through what is happening, who is doing it, and what actually stops it.

TL;DR

Attackers use AI to write phishing emails, build fake websites, generate malware, find vulnerabilities, and impersonate your colleagues on phone calls. The speed difference is staggering: what took a human attacker 16 hours now takes 5 minutes. That is a 192x speedup, straight from IBM X-Force's 2025 data.

The good news: defences exist. The Australian Cyber Security Centre (ACSC), citing the UK NCSC's assessment on the impact of AI on cyber threats through 2027, outlines a layered defence spectrum that works. We will get to that.

First, the numbers.

The Speed Multiplication: 5 Minutes vs 16 Hours

IBM X-Force published a number in 2025 that should change how every business thinks about threat timelines. A skilled human operator needed roughly 16 hours to craft a credible phishing campaign. With AI tooling, that same campaign takes about 5 minutes.

192 times faster.

Think about what that means for your attack surface. You used to have a window. Attackers had to research your company, study your tone, find the right targets, draft messages, build landing pages. That took days or weeks. Now it takes less time than a coffee break.

Harvard Business Review backed this up in 2024 with another metric: AI-generated spear phishing achieves a 54% click-through rate compared to 12% for human-written messages. That is a 4.5x improvement in effectiveness. The cost to produce these attacks dropped by 95% or more.

More effective. Radically cheaper. Massively faster. That is the new threat equation.

The AI Phishing Epidemic

Let's stack the phishing numbers up, because they tell the story better than any analysis could.

SlashNext tracked a 1,265% increase in malicious phishing emails since the ChatGPT launch in late 2022. Not 12%. Not 125%. Over one thousand percent.

Hoxhunt ran tests in 2025 and found that AI-generated phishing campaigns were 24% more effective than those crafted by elite human red teams. These are professional penetration testers. AI beat them.

Okta's Threat Intelligence team reported in 2025 that complete, convincing phishing sites can now be built in under 30 seconds. Not a rough page. A full credential-harvesting site with a valid TLS certificate, correct branding, and realistic login flows. Half a minute.

Abnormal Security estimated that over 80% of social engineering attacks are now AI-powered. Not "assisted by." Powered by. The AI is doing the heavy lifting.

StationX put the daily volume at 3.4 billion phishing emails. That number is worth sitting with. Against the 91.8 million daily clicks above, the click rate is about 2.7%: small as a percentage, but at that volume it is tens of millions of clicks a day, each one a potential credential theft or malware infection.

Why does this matter for your business? Because your employees are being hit with attacks that used to require a dedicated human adversary who chose you specifically. Now the attacks are automated, personalized at scale, and arriving constantly.

AI-Generated Malware and Zero-Days

Phishing gets the headlines because it is the most common attack vector. But the malware side of the AI equation is evolving fast, and the implications are serious.

The Google Threat Intelligence Group (GTIG) published findings in their 2025-26 report that should make every security team pause. For the first time, researchers documented a zero-day exploit developed with direct AI assistance. This is no longer theoretical. AI is being used to find and weaponize previously unknown vulnerabilities.

APT45, a North Korea-linked actor tracked by Google's Mandiant, used AI to recursively analyze CVEs and validate proof-of-concept exploits. What used to require a room of experienced vulnerability researchers can now be accelerated with large language models that never sleep.

Russia-nexus actors have been caught using LLM-generated decoy code in campaigns tracked as CANFAIL and LONGSTREAM. The AI generates legitimate-looking code components that mask malicious payloads, making detection significantly harder.

Then there is PROMPTSPY. Google GTIG documented this autonomous AI malware that includes a GeminiAutomationAgent module. It does not just use AI to build the malware. The malware itself contains an AI agent that can adapt, respond, and operate autonomously during an attack. The attacker builds a self-modifying tool.

UIUC researchers demonstrated in 2024 that a GPT-4 agent could autonomously exploit real, already-disclosed vulnerabilities at an 87% success rate. The caveat matters: that rate held when the agent was given the CVE description to work from, and fell to 7% without it. Finding the bug is still the hard part, but once a vulnerability is public, turning it into a working exploit is close to automatic.

Perhaps most concerning for the supply chain: the TeamPCP attack compromised multiple developer tools including LiteLLM, Trivy, and Checkmarx. When the tools that security teams rely on are themselves compromised, trust breaks down fast.

NIST published AI 100-2 E2025 addressing adversarial machine learning, recognizing that the attack surface now includes the AI models themselves. This is not just about attackers using AI. It is about attackers targeting AI systems.

Vishing and BEC: Voice and Business Email Compromise

Voice phishing, called vishing, surged 442% in the second half of 2024 according to CrowdStrike's 2025 data. AI voice cloning means an attacker can impersonate your CEO, your CFO, or your vendor's account manager with a few seconds of sample audio pulled from a LinkedIn video or earnings call.

Imagine getting a call from what sounds exactly like your CFO, asking you to urgently wire funds to a new account. The voice is right. The mannerisms are right. The urgency feels real. This is happening right now.

Business email compromise remains the costliest category of cybercrime. The FBI's Internet Crime Complaint Center (IC3) reported $2.77 billion in BEC losses from 21,442 complaints in 2024. That averages out to roughly $129,000 per incident. For a small or mid-sized business, that is a company-ending loss.

AI makes BEC more convincing and more scalable. An attacker no longer needs to study your email style for weeks. They feed your public communications into a model and get convincing impersonations in seconds. Combined with voice cloning for follow-up calls, the social engineering chain becomes very hard to break.

The Defence Playbook: What ACSC and NCSC Recommend

The UK NCSC's assessment on the impact of AI on cyber threats, cited by the ACSC, lays out a defence spectrum based on three tiers of AI capability.

Embedded AI in security tools. This is the baseline. Your email filter, endpoint detection, and SIEM should all have AI built in. These are purpose-trained models that spot anomalies, flag suspicious patterns, and automate responses. They run in the background without you thinking about them. Most modern security products already include this layer. Make sure yours do, and make sure they are updated.

General LLMs for security operations. This is the middle tier. Your security team, even if that team is one person or an outsourced MSSP, should be using general-purpose AI tools to triage alerts, draft incident responses, and analyse threat intelligence. The same speed multiplication that benefits attackers benefits defenders. If your defenders are not using AI acceleration, they are working at a severe speed disadvantage against attackers who are.

Frontier models for advanced threat hunting. The top tier involves deploying the most capable AI models for proactive threat detection, red team simulation, and vulnerability research. This is where large enterprises and government agencies operate. For most SMBs, this tier is aspirational but worth understanding. It sets the direction of travel.

The key insight from the NCSC framework is that defence must be layered. No single tool catches everything. You need embedded AI catching the obvious stuff, general AI accelerating your human analysts, and advanced models for the sophisticated threats that slip through.

What Actually Works for SMBs

You do not need a government budget to improve your posture significantly. Here is what moves the needle.

Turn on MFA everywhere, and prefer phishing-resistant MFA. SMS codes are the weakest option. Authenticator apps and push approvals are better, but an adversary-in-the-middle phishing page can still relay a one-time code or trigger a push approval in real time. Hardware security keys and passkeys (FIDO2/WebAuthn) bind the login to the real site's origin, so they hold up even when the phishing email and its landing page are perfect. This is the single highest-ROI security control available.

Use AI-powered email filtering. If your email provider does not use AI-based threat detection, switch providers. Google and Microsoft both offer strong AI filtering in their business tiers. Add a dedicated layer like Abnormal Security or Proofpoint if your budget allows. The 1,265% increase in phishing volume, much of it freshly generated text that no filter has seen before, means signature-based filtering alone is not enough.

Train your people, but be honest about limits. Security awareness training matters. Humans can still catch things that filters miss. But the Hoxhunt data shows AI phishing beats elite humans. Training reduces risk. It does not eliminate it. Set expectations accordingly and layer training with technical controls.

Have a plan for voice-based attacks. Vishing is up 442%. Establish verbal authentication procedures for financial transactions. A callback number. A code word. Something. "I'll call you back on the number I have on file" is a sentence that has saved businesses millions of dollars.

Lock down your supply chain. The TeamPCP compromise of security tools like Trivy and Checkmarx shows that you need to verify your tools, not just watch your direct threats. Pin dependencies to exact versions, and CI actions to full commit hashes rather than movable tags. Verify package integrity against published checksums or signatures. Review what your CI/CD pipeline trusts and which secrets each step can reach.

Monitor for BEC patterns. Rules that flag external emails mimicking internal executives, new wire transfer destinations, and urgent financial requests with mismatched reply-to addresses catch a surprising number of AI-generated BEC attempts. Set up the rules. Tune them. Review the hits.
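As an added example (not code from the original post), here is what those rules look like when written down. The internal domain, the executive roster and the three sample messages are constructed for illustration; a real deployment would take the roster from the directory and run the rules only on mail that has already passed SPF/DKIM/DMARC checks. It goes one step past the paragraph by also flagging lookalike sender domains.

```python
"""BEC triage rules over parsed message headers (added example, constructed data)."""
import re
from email.utils import parseaddr

INTERNAL_DOMAIN = "example.com"  # assumed company domain
# Assumed executive roster: display name -> the only mailbox that name may send from.
EXECUTIVES = {
    "jane doe": "jane.doe@example.com",
    "ravi patel": "ravi.patel@example.com",
}
URGENCY = re.compile(r"\b(urgent|asap|immediately|today|right away|confidential)\b", re.I)
PAYMENT = re.compile(r"\b(wire|transfer|invoice|bank details|account number|gift cards?|payment)\b", re.I)


def _domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def _edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot lookalike domains such as examp1e.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def triage(msg: dict) -> dict:
    """Score one message. msg has 'from', 'reply_to', 'subject' and 'body'."""
    name, addr = parseaddr(msg["from"])
    from_dom = _domain(addr)
    hits = []

    # Rule 1: an executive's display name, but not that executive's mailbox.
    real_mailbox = EXECUTIVES.get(name.strip().lower())
    if real_mailbox and addr.lower() != real_mailbox:
        hits.append("display-name impersonation of %s" % name)

    # Rule 2: sender domain is one or two characters away from our own.
    if from_dom != INTERNAL_DOMAIN and 0 < _edit_distance(from_dom, INTERNAL_DOMAIN) <= 2:
        hits.append("lookalike domain %s" % from_dom)

    # Rule 3: replies would go to a different domain than the one that sent the mail.
    reply_dom = _domain(parseaddr(msg.get("reply_to", ""))[1])
    if reply_dom and reply_dom != from_dom:
        hits.append("reply-to mismatch %s -> %s" % (from_dom, reply_dom))

    # Rule 4: urgency language combined with a payment or banking request.
    text = msg["subject"] + "\n" + msg["body"]
    if URGENCY.search(text) and PAYMENT.search(text):
        hits.append("urgent payment request")

    return {"score": len(hits), "hits": hits}


def triage_all(msgs):
    return [triage(m) for m in msgs]


# Constructed sample messages, not real mail.
SAMPLES = [
    {"from": "Jane Doe <jane.doe@freemail-example.net>",
     "reply_to": "ceo.jane.doe@othermail-example.org",
     "subject": "Urgent wire transfer",
     "body": "I need you to handle a vendor payment today. Keep this confidential."},
    {"from": "Ravi Patel <ravi.patel@examp1e.com>",
     "reply_to": "",
     "subject": "Invoice 4471",
     "body": "Please update the bank details on file asap, new account attached."},
    {"from": "Alice Chen <alice.chen@example.com>",
     "reply_to": "",
     "subject": "Lunch Thursday?",
     "body": "Team lunch at noon if anyone is around."},
]

if __name__ == "__main__":
    for m, r in zip(SAMPLES, triage_all(SAMPLES)):
        print(r["score"], m["from"], r["hits"])
```

The first two samples score 3 and the internal lunch note scores 0. Note what these rules do not catch: a message that forges your exact domain in the From header. That is DMARC's job, which is why the rules should sit behind an enforcing DMARC policy rather than replace one.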

Get AI on your side. Use AI tools for threat hunting, log analysis, and incident response drafting. The cost asymmetry works both ways. AI defenders are cheaper than human defenders too. A small team with AI assistance can cover ground that used to require a large SOC.

The Bottom Line

3.4 billion phishing emails a day. 87% autonomous exploit success rates. $2.77 billion in BEC losses in a single year. A 192x speedup in attack creation.

These numbers are not projections. They are current reporting from IBM, FBI, CrowdStrike, Google, Harvard, and others. This is the threat landscape of 2026.

The attackers have adapted. They use AI because it works. It is faster, cheaper, and more effective than human-only approaches at scale.

The defences exist. MFA, AI-powered filtering, layered security tools, trained people, and incident response plans. None of them are exotic. None of them require a Fortune 500 budget. They require attention and consistent execution.

At lilMONSTER, we track these threats so you can focus on running your business. The threat landscape shifts fast. Your defences need to shift with it.

Do not wait for the breach to act. The numbers are already here.


Sources: UK NCSC "Impact of AI on cyber threat from now to 2027" via ACSC; Google GTIG 2025-26 Threat Report; IBM X-Force Threat Intelligence Index 2025; Harvard Business Review 2024; Okta Threat Intelligence 2025; Hoxhunt 2025 Phishing Benchmark; SlashNext State of Phishing 2024; CrowdStrike Global Threat Report 2025; FBI IC3 2024 Internet Crime Report; Abnormal Security 2025; StationX 2025; UIUC "LLM Agents can Autonomously Exploit One-day Vulnerabilities" 2024; NIST AI 100-2 E2025.

ELI10: How Hackers Poisoned a Popular GitHub Tool and Stole Thousands of Passwords

TL;DR

  • Hackers secretly changed a popular coding tool used by 23,000+ projects so it would steal passwords and secret keys.
  • 218 projects had their secrets stolen and written where anyone could read them.
  • The trick: the hackers were patient. They spent months sneaking through three different projects before reaching their real target.
  • The fix is simple: always lock your tools to an exact version that can't be secretly swapped out.

What's a Supply Chain Attack?

Imagine you're building with LEGO. You don't make every brick yourself—you trust that the bricks in the box are real LEGO bricks. A supply chain attack is when someone sneaks a fake brick into the box at the factory. It looks normal, but it does something bad when you use it.

Software developers do the same thing. They use building blocks (called "Actions" on GitHub) made by other people to help automate their work. Over 23,000 projects trusted a building block called tj-actions/changed-files to help check which files changed in their code [1][2].

What Did the Hackers Do?

In March 2025, hackers secretly swapped out that trusted building block with a poisoned version [1]. The poisoned version did its normal job, but it also read the build machine's memory to find every secret password and key it could, scrambled them in a simple code (base64, applied twice), and printed them into the build's log. For a public project that log is readable by anyone, so it is like writing your house key code on a billboard [2][4].
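An added example, not part of the original post: a short script that looks for exactly that kind of leak in a workflow log. It finds long runs of base64 characters, decodes them twice, and checks the result for secret-shaped strings. The log lines and the "secrets" in them are constructed (the AWS key is Amazon's documented dummy key and the GitHub token is a string of A's), and the secret patterns are the ones a reviewer would add for the secret types named on this page.

```python
"""Find the double-base64 secret dump in Actions logs (added example, constructed log)."""
import base64
import binascii
import re

# A run of base64 characters long enough to be an encoded blob rather than a word.
B64_RUN = re.compile(r"[A-Za-z0-9+/]{40,}={0,2}")

# Shapes of the secret types the compromised action was reported to expose.
SECRET_PATTERNS = {
    "aws_access_key": re.compile(r"AKIA[0-9A-Z]{16}"),
    "github_token": re.compile(r"gh[ps]_[A-Za-z0-9]{36}"),
    "npm_token": re.compile(r"npm_[A-Za-z0-9]{36}"),
    "private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
}


def double_b64(text: str) -> str:
    """Encode the way the malicious step did: base64 of base64."""
    return base64.b64encode(base64.b64encode(text.encode())).decode()


def decode_twice(token: str):
    """Reverse double_b64; return None for anything that is not valid base64 twice over."""
    try:
        once = base64.b64decode(token, validate=True)
        twice = base64.b64decode(once, validate=True)
    except (binascii.Error, ValueError):
        return None
    return twice.decode("utf-8", errors="replace")


def scan_log(text: str):
    """Return (line_number, secret_type) for every decoded blob that looks like a secret."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for match in B64_RUN.finditer(line):
            plain = decode_twice(match.group(0))
            if plain is None:
                continue
            for kind, pattern in SECRET_PATTERNS.items():
                if pattern.search(plain):
                    findings.append((lineno, kind))
    return findings


# Constructed: what a leaked environment might look like. AKIAIOSFODNN7EXAMPLE is
# Amazon's documented dummy key; the token is 36 A's, not a real credential.
FAKE_SECRETS = "AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\nGITHUB_TOKEN=ghp_" + "A" * 36

# Constructed log: a normal line, a 40-hex commit id (valid base64 alphabet, must not
# trigger), the dumped blob, and a trailing line.
SAMPLE_LOG = "\n".join([
    "2025-03-14T22:10:02Z Run tj-actions/changed-files@v45",
    "2025-03-14T22:10:03Z resolved to 0123456789abcdef0123456789abcdef01234567",
    "2025-03-14T22:10:05Z " + double_b64(FAKE_SECRETS),
    "2025-03-14T22:10:06Z All done.",
])

if __name__ == "__main__":
    for lineno, kind in scan_log(SAMPLE_LOG):
        print("line %d: possible %s" % (lineno, kind))
```

Run it over downloaded workflow logs for every run of an affected action in the window. A hit means the secret is already public, so rotate first and investigate second; the commit id line shows why the double decode matters, since a plain 40-character hex string is valid base64 once but not twice.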

The stolen secrets included passwords for cloud services (AWS), code-sharing platforms (npm, PyPI), server access keys (SSH), and more [2].

How Did They Pull It Off?

The clever part: the hackers didn't attack their real target directly. According to Wiz Research, they played a long game through three different projects [6]:

  1. Step 1 (November 2024): They tricked a project called SpotBugs into running their code, which let them steal a maintainer's access key.
  2. Step 2 (March 11, 2025): They used that stolen key to sneak into another project called reviewdog/action-setup.
  3. Step 3 (March 14, 2025): From reviewdog, they finally reached tj-actions/changed-files. They did not just add a bad new version; they re-pointed every existing version label, from v1 all the way through v45.0.7, at their poisoned code, so even projects that thought they were using an old, trusted version got it [1][4].

It's like breaking into a neighbor's house to steal their key to the office building to get into the vault. One key opened the next door.

How Was It Caught?

A security tool called Harden-Runner, built by StepSecurity, noticed something weird on March 15, 2025: the building block was making network calls it had never made before [5]. The issue was given the identifier CVE-2025-30066 with a severity score of 8.6 out of 10 [7], and on March 18, 2025 the U.S. government's cybersecurity agency (CISA) added it to its catalog of vulnerabilities known to be exploited [8].

How Do You Stay Safe?

The main lesson is simple: don't trust labels that can be changed. Version tags like @v3 are like sticky notes: anyone with write access to the project can peel them off and stick them on something else, which is exactly what happened here. Instead, use the full 40-character fingerprint of the code (the "commit SHA"). It is computed from the code itself, so it cannot be quietly moved to point at different code [4][10]. One caveat: the pin only covers that one tool. If the pinned tool itself pulls in other tools by movable tags, those are still a risk, which is how the attackers reached tj-actions through reviewdog in the first place.

Here's what smart teams do:

  • Lock every tool to its exact fingerprint (commit SHA) so no one can swap it out.
  • Give tools only the minimum permissions they need—if a tool only needs to read code, don't give it permission to write.
  • Watch what your tools do at runtime with monitoring tools that catch unexpected behavior [5].
  • Rotate secrets regularly—change your passwords and keys on a schedule so stolen ones expire quickly.

These steps are straightforward, and they go a long way toward protecting what you've built.
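This is what the first two bullets (and the "pin dependencies, review what your pipeline trusts" advice earlier on this page) look like as a check you can run on your own workflow files. It is an added example, not code from the post or from any of the projects named. Both workflow files are constructed, and the 40-character SHAs in the hardened one are placeholders rather than real commits; the scan is line-based on purpose so it needs nothing beyond the standard library.

```python
"""Audit a GitHub Actions workflow for mutable action refs and missing permissions
(added example; both workflow files below are constructed)."""
import re

USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
PERMISSIONS_RE = re.compile(r"^\s*permissions:\s*(\S*)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def classify_ref(ref: str) -> str:
    """Say whether one uses: reference can be silently repointed."""
    if ref.startswith("./") or ref.startswith("docker://"):
        return "local or docker (not a GitHub ref)"
    if "@" not in ref:
        return "no ref at all (follows the default branch)"
    version = ref.rpartition("@")[2]
    if FULL_SHA_RE.match(version):
        return "pinned"
    return "mutable tag or branch %s" % version


def audit_workflow(text: str):
    """Return (line, finding) pairs; an empty list means nothing to fix."""
    findings = []
    saw_permissions = False
    for lineno, line in enumerate(text.splitlines(), 1):
        p = PERMISSIONS_RE.match(line)
        if p:
            saw_permissions = True
            if p.group(1) == "write-all":
                findings.append((lineno, "permissions: write-all grants every scope"))
        m = USES_RE.match(line)
        if m:
            verdict = classify_ref(m.group(1))
            if verdict != "pinned" and not verdict.startswith("local"):
                findings.append((lineno, "%s is %s" % (m.group(1), verdict)))
    if not saw_permissions:
        findings.append((0, "no permissions: block; GITHUB_TOKEN gets the repository default"))
    return findings


# Constructed "before" workflow: floating tags, no permissions block.
WEAK = """\
name: ci
on: [pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: tj-actions/changed-files@v45
      - run: echo "$CHANGED"
"""

# Constructed "after" workflow. The SHAs are placeholders, not real commits; replace
# them with the output of `git ls-remote <repo-url> <tag>` for a version you reviewed.
HARDENED = """\
name: ci
on: [pull_request]
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0000000000000000000000000000000000000001  # placeholder
      - uses: tj-actions/changed-files@0000000000000000000000000000000000000002  # placeholder
      - run: echo "$CHANGED"
"""

if __name__ == "__main__":
    for label, wf in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_workflow(wf) or "clean")
```

The weak file produces three findings (two floating tags and the missing permissions block); the hardened one produces none. Keep the version comment after each SHA so humans and update bots can still see what it is, and remember the check stops at your file: a pinned action that itself references other actions by tag is only as safe as those references.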


FAQ

Q: What is the main security concern covered in this post? A: A supply chain attack on the tj-actions/changed-files GitHub Action. In March 2025 attackers replaced its code with a version that read secrets out of the build runner and wrote them, double-base64 encoded, into workflow logs [1][2][4].

Q: Who is affected by this? A: Any project whose workflows pulled tj-actions/changed-files by a version tag (v1 through v45.0.7) on or after March 14, 2025, which covers 23,000+ projects; 218 repositories had secrets written to public logs [1][2]. Projects that used reviewdog/action-setup in the same period should check too, since that was the stepping stone [6].

Q: What should I do right now? A: Search your workflows for tj-actions/changed-files and reviewdog/action-setup. If either ran during the window, treat every secret that workflow could reach as stolen: rotate them and review the workflow logs for the encoded dump [2][5]. Then pin every action to a full commit SHA [4][10].

Q: Is there a workaround if I can't patch immediately? A: Remove the action from your workflows, or pin it to a commit SHA from before the compromise that you have reviewed yourself. Rotating the exposed secrets cannot wait, because the leak is already in the logs, not in code you can fix later.

Q: Where can I learn more? A: The Wiz Research write-ups on the reviewdog and SpotBugs chain [1][6], StepSecurity's detection post [5], the CISA alert [8], and the NVD entry for CVE-2025-30066 [7].

References

[1] Wiz Research, "New GitHub Action Supply Chain Attack: reviewdog/action-setup," Wiz Blog, Mar. 2025. [Online]. Available: https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setup

[2] BleepingComputer, "GitHub Action supply chain attack exposed secrets in 218 repos," BleepingComputer, Mar. 2025. [Online]. Available: https://www.bleepingcomputer.com/news/security/github-action-supply-chain-attack-exposed-secrets-in-218-repos/

[4] NIST, "CVE-2025-30066 Detail — tj-actions/changed-files," National Vulnerability Database, Mar. 2025. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2025-30066

[5] StepSecurity, "Harden-Runner Detection: tj-actions/changed-files Action Is Compromised," StepSecurity Blog, Mar. 2025. [Online]. Available: https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised

[6] Wiz Research, "Latest GitHub Actions Supply Chain Attack: SpotBugs → reviewdog → tj-actions," Wiz Blog, Mar. 2025. [Online]. Available: https://www.wiz.io/blog/latest-github-actions-supply-chain-attack-spotbugs-reviewdog-tj-actions

[7] NIST, "CVE-2025-30066 Detail," National Vulnerability Database, Mar. 2025. [Online]. Available: https://nvd.nist.gov/vuln/detail/CVE-2025-30066

[8] CISA, "Supply Chain Compromise of Third-Party GitHub Action CVE-2025-30066," CISA Alerts, Mar. 18, 2025. [Online]. Available: https://www.cisa.gov/news-events/alerts/2025/03/18/supply-chain-compromise-third-party-github-action-cve-2025-30066

[10] Semgrep, "The tj-actions Supply Chain Attack," Semgrep Blog, Mar. 2025. [Online]. Available: https://semgrep.dev/blog/2025/the-tj-actions-supply-chain-attack/


Want help making sure your team's build tools are locked down? We help small and mid-sized businesses audit their CI/CD pipelines and fix exactly these kinds of risks. Book a free consultation →

Ready to strengthen your security?

Talk to lilMONSTER. We assess your risks, build the tools, and stay with you after the engagement ends. No clipboard-and-leave consulting.